/*
* Copyright 2005 the original author or authors.
- *
+ *
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
-
+ */
package org.wamblee.security.authorization;
+import junit.framework.TestCase;
import static org.wamblee.security.authorization.AuthorizationResult.DENIED;
import static org.wamblee.security.authorization.AuthorizationResult.GRANTED;
-import org.wamblee.persistence.hibernate.HibernateMappingFiles;
-import org.wamblee.test.spring.SpringTestCase;
-import org.wamblee.test.spring.SpringConfigFiles;
import org.wamblee.usermgt.UserAccessor;
/**
- * Tests the authorization service.
- *
+ * Tests the authorization service.
+ *
* @author Erik Brakkee
*/
-public class AuthorizationServiceTest extends SpringTestCase {
-
- private AuthorizationRule _rule1;
- private AuthorizationRule _rule2;
- private AuthorizationRule _rule3;
- private AuthorizationService _service;
-
-
- public AuthorizationServiceTest() {
- super(SpringConfigFiles.class, HibernateMappingFiles.class);
- }
-
- public AuthorizationServiceTest(Class<? extends SpringConfigFiles>aSpringFiles,
- Class<? extends HibernateMappingFiles> aMappings) {
- super(aSpringFiles, aMappings);
- }
-
- protected AuthorizationService getService() {
- return _service;
- }
-
- /* (non-Javadoc)
+public class AuthorizationServiceTest extends TestCase {
+ private AuthorizationRule rule1;
+
+ private AuthorizationRule rule2;
+
+ private AuthorizationRule rule3;
+
+ private AuthorizationService service;
+
+ protected AuthorizationService getService() {
+ return service;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
* @see junit.framework.TestCase#setUp()
*/
@Override
protected void setUp() throws Exception {
super.setUp();
-
- _rule1 = createRule(GRANTED, "users", "/oni/", AllOperation.class);
- _rule2 = createRule(DENIED, "users", "/abc/", ReadOperation.class);
- _rule3 = createRule(GRANTED, "users", "/abc/", AllOperation.class);
-
- _service = createService();
- _service.appendRule(_rule1);
- _service.appendRule(_rule2);
- _service.appendRule(_rule3);
- }
-
- protected void resetTestRules() {
- ((TestAuthorizationRule)_rule1).reset();
- ((TestAuthorizationRule)_rule2).reset();
- ((TestAuthorizationRule)_rule3).reset();
- }
-
- protected UserAccessor createUserAccessor() {
- return new TestUserAccessor();
+
+ rule1 = createRule(GRANTED, "users", "/oni/", AllOperation.class);
+ rule2 = createRule(DENIED, "users", "/abc/", ReadOperation.class);
+ rule3 = createRule(GRANTED, "users", "/abc/", AllOperation.class);
+
+ service = createService();
+ service.appendRule(rule1);
+ service.appendRule(rule2);
+ service.appendRule(rule3);
+ }
+
+ protected void resetTestRules() {
+ ((TestAuthorizationRule) rule1).reset();
+ ((TestAuthorizationRule) rule2).reset();
+ ((TestAuthorizationRule) rule3).reset();
+ }
+
+ protected UserAccessor createUserAccessor() {
+ return new TestUserAccessor();
}
/**
- * Creates an authorization service with some rules for testing. .
- * @return Authorization service.
+ * Creates an authorization service with some rules for testing. .
+ *
+ * @return Authorization service.
*/
protected AuthorizationService createService() {
- DefaultAuthorizationService service = new DefaultAuthorizationService() ;
+ DefaultAuthorizationService service = new DefaultAuthorizationService();
service.setUserAccessor(createUserAccessor());
+
return service;
}
-
- protected AuthorizationRule createRule(AuthorizationResult aResult, String aGroup, String aPath, Class<? extends Operation> aOperation) {
+
+ protected AuthorizationRule createRule(AuthorizationResult aResult,
+ String aGroup, String aPath, Class<? extends Operation> aOperation) {
return new TestAuthorizationRule(aResult, aGroup, aPath, aOperation);
}
-
- protected void checkMatchCount(int aCount, AuthorizationRule aRule) {
- assertEquals( aCount, ((TestAuthorizationRule)aRule).getMatchCount());
+
+ protected void checkMatchCount(int aCount, AuthorizationRule aRule) {
+ assertEquals(aCount, ((TestAuthorizationRule) aRule).getMatchCount());
}
-
- protected Object createResource(String aPath) {
+
+ protected Object createResource(String aPath) {
return new TestResource(aPath);
}
-
- protected void checkRuleCount(int aCount) {
+
+ protected void checkRuleCount(int aCount) {
// Empty
}
-
+
/**
- * Several checks to verify the outcome of matching against the first rule.
- *
+ * Several checks to verify the outcome of matching against the first rule.
*/
- public void testFirstRuleGrants() {
- assertTrue( _service.isAllowed(createResource("/oni/xyz.jpg"), new ReadOperation()));
- checkMatchCount(1, _rule1);
- assertTrue(_service.isAllowed(createResource("/oni/xyz.jpg"), new WriteOperation()));
- checkMatchCount(2, _rule1);
- assertTrue(_service.isAllowed(createResource("/oni/xyz.jpg"), new DeleteOperation()));
- checkMatchCount(3, _rule1);
- assertTrue(_service.isAllowed(createResource("/oni/xyz.jpg"), new CreateOperation()));
- checkMatchCount(4, _rule1);
- checkMatchCount(0, _rule2);
- checkMatchCount(0, _rule3);
- }
-
+ public void testFirstRuleGrants() {
+ assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"),
+ new ReadOperation()));
+ checkMatchCount(1, rule1);
+ assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"),
+ new WriteOperation()));
+ checkMatchCount(2, rule1);
+ assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"),
+ new DeleteOperation()));
+ checkMatchCount(3, rule1);
+ assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"),
+ new CreateOperation()));
+ checkMatchCount(4, rule1);
+ checkMatchCount(0, rule2);
+ checkMatchCount(0, rule3);
+ }
+
/**
- * Verify that a match with the second rule leads to a denial of authorization.
- *
+ * Verify that a match with the second rule leads to a denial of
+ * authorization.
*/
public void testSecondRuleDenies() {
- assertFalse(_service.isAllowed(createResource("/abc/xyz.jpg"), new ReadOperation()));
- checkMatchCount(0, _rule1);
- checkMatchCount(1, _rule2);
- checkMatchCount(0, _rule3);
+ assertFalse(service.isAllowed(createResource("/abc/xyz.jpg"),
+ new ReadOperation()));
+ checkMatchCount(0, rule1);
+ checkMatchCount(1, rule2);
+ checkMatchCount(0, rule3);
}
-
+
/**
- * Verifies that the third rule is used when appropriate and that it grants access.
- *
+ * Verifies that the third rule is used when appropriate and that it grants
+ * access.
*/
- public void testThirdRuleGrants() {
- assertTrue(_service.isAllowed(createResource("/abc/xyz.jpg"), new WriteOperation()));
- checkMatchCount(0, _rule1);
- checkMatchCount(0, _rule2);
- checkMatchCount(1, _rule3);
+ public void testThirdRuleGrants() {
+ assertTrue(service.isAllowed(createResource("/abc/xyz.jpg"),
+ new WriteOperation()));
+ checkMatchCount(0, rule1);
+ checkMatchCount(0, rule2);
+ checkMatchCount(1, rule3);
}
-
+
/**
- * Removes a rule and checks it is removed.
- *
+ * Removes a rule and checks it is removed.
*/
- public void testRemoveRule() {
+ public void testRemoveRule() {
checkRuleCount(3);
- assertTrue(_service.isAllowed(createResource("/abc/xyz.jpg"), new WriteOperation()));
- _service.removeRule(2);
- assertFalse(_service.isAllowed(createResource("/abc/xyz.jpg"), new WriteOperation()));
+ assertTrue(service.isAllowed(createResource("/abc/xyz.jpg"),
+ new WriteOperation()));
+ service.removeRule(2);
+ assertFalse(service.isAllowed(createResource("/abc/xyz.jpg"),
+ new WriteOperation()));
checkRuleCount(2);
}
-
+
/**
- * Inserts a rule and checks it is inserted.
- *
+ * Inserts a rule and checks it is inserted.
*/
public void testInsertRule() {
checkRuleCount(3);
- assertFalse(_service.isAllowed(createResource("/janse/xyz.jpg"), new WriteOperation()));
- _service.appendRule(createRule(GRANTED, "users", "/janse/", WriteOperation.class));
- assertTrue(_service.isAllowed(createResource("/janse/xyz.jpg"), new WriteOperation()));
+ assertFalse(service.isAllowed(createResource("/janse/xyz.jpg"),
+ new WriteOperation()));
+ service.appendRule(createRule(GRANTED, "users", "/janse/",
+ WriteOperation.class));
+ assertTrue(service.isAllowed(createResource("/janse/xyz.jpg"),
+ new WriteOperation()));
checkRuleCount(4);
-
}
-
+
/**
- * Gets the rules. Verifies that all rules are obtained.
- *
+ * Gets the rules. Verifies that all rules are obtained.
*/
- public void testGetRules() {
- AuthorizationRule[] rules = _service.getRules();
- assertEquals(3, rules.length);
+ public void testGetRules() {
+ AuthorizationRule[] rules = service.getRules();
+ assertEquals(3, rules.length);
}
-
+
/**
- * Verifies that when no rules match, access is denied.
- *
+ * Verifies that when no rules match, access is denied.
*/
- public void testNoRulesSupportResource() {
- assertFalse(_service.isAllowed(createResource("/xyxyxyxy"), new ReadOperation()));
- checkMatchCount(0, _rule1);
- checkMatchCount(0, _rule2);
- checkMatchCount(0, _rule3);
+ public void testNoRulesSupportResource() {
+ assertFalse(service.isAllowed(createResource("/xyxyxyxy"),
+ new ReadOperation()));
+ checkMatchCount(0, rule1);
+ checkMatchCount(0, rule2);
+ checkMatchCount(0, rule3);
}
}