/*
* Copyright 2005 the original author or authors.
- *
+ *
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
- */
-
+ */
package org.wamblee.security.authorization;
+import junit.framework.TestCase;
import static org.wamblee.security.authorization.AuthorizationResult.DENIED;
import static org.wamblee.security.authorization.AuthorizationResult.GRANTED;
-import junit.framework.TestCase;
import org.wamblee.usermgt.UserAccessor;
+
/**
- * Tests the authorization service.
+ * Tests the authorization service.
*
* @author Erik Brakkee
*/
public class AuthorizationServiceTest extends TestCase {
-
- private AuthorizationRule rule1;
- private AuthorizationRule rule2;
- private AuthorizationRule rule3;
- private AuthorizationService service;
-
- protected AuthorizationService getService() {
- return service;
- }
-
+ /**
+ * DOCUMENT ME!
+ */
+ private AuthorizationRule rule1;
+
+ /**
+ * DOCUMENT ME!
+ */
+ private AuthorizationRule rule2;
+
+ /**
+ * DOCUMENT ME!
+ */
+ private AuthorizationRule rule3;
+
+ /**
+ * DOCUMENT ME!
+ */
+ private AuthorizationService service;
+
+ /**
+ * DOCUMENT ME!
+ *
+ * @return DOCUMENT ME!
+ */
+ protected AuthorizationService getService() {
+ return service;
+ }
+
/* (non-Javadoc)
* @see junit.framework.TestCase#setUp()
*/
+ /**
+ * DOCUMENT ME!
+ *
+ * @throws Exception DOCUMENT ME!
+ */
@Override
protected void setUp() throws Exception {
super.setUp();
-
- rule1 = createRule(GRANTED, "users", "/oni/", AllOperation.class);
- rule2 = createRule(DENIED, "users", "/abc/", ReadOperation.class);
- rule3 = createRule(GRANTED, "users", "/abc/", AllOperation.class);
-
- service = createService();
- service.appendRule(rule1);
+
+ rule1 = createRule(GRANTED, "users", "/oni/", AllOperation.class);
+ rule2 = createRule(DENIED, "users", "/abc/", ReadOperation.class);
+ rule3 = createRule(GRANTED, "users", "/abc/", AllOperation.class);
+
+ service = createService();
+ service.appendRule(rule1);
service.appendRule(rule2);
service.appendRule(rule3);
}
-
- protected void resetTestRules() {
- ((TestAuthorizationRule)rule1).reset();
- ((TestAuthorizationRule)rule2).reset();
- ((TestAuthorizationRule)rule3).reset();
+
+ /**
+ * DOCUMENT ME!
+ */
+ protected void resetTestRules() {
+ ((TestAuthorizationRule) rule1).reset();
+ ((TestAuthorizationRule) rule2).reset();
+ ((TestAuthorizationRule) rule3).reset();
}
-
- protected UserAccessor createUserAccessor() {
- return new TestUserAccessor();
+
+ /**
+ * DOCUMENT ME!
+ *
+ * @return DOCUMENT ME!
+ */
+ protected UserAccessor createUserAccessor() {
+ return new TestUserAccessor();
}
/**
- * Creates an authorization service with some rules for testing. .
- * @return Authorization service.
+ * Creates an authorization service with some rules for testing. .
+ *
+ * @return Authorization service.
*/
protected AuthorizationService createService() {
- DefaultAuthorizationService service = new DefaultAuthorizationService() ;
+ DefaultAuthorizationService service = new DefaultAuthorizationService();
service.setUserAccessor(createUserAccessor());
+
return service;
}
-
- protected AuthorizationRule createRule(AuthorizationResult aResult, String aGroup, String aPath, Class<? extends Operation> aOperation) {
+
+ /**
+ * DOCUMENT ME!
+ *
+ * @param aResult DOCUMENT ME!
+ * @param aGroup DOCUMENT ME!
+ * @param aPath DOCUMENT ME!
+ * @param aOperation DOCUMENT ME!
+ *
+ * @return DOCUMENT ME!
+ */
+ protected AuthorizationRule createRule(AuthorizationResult aResult,
+ String aGroup, String aPath, Class<?extends Operation> aOperation) {
return new TestAuthorizationRule(aResult, aGroup, aPath, aOperation);
}
-
- protected void checkMatchCount(int aCount, AuthorizationRule aRule) {
- assertEquals( aCount, ((TestAuthorizationRule)aRule).getMatchCount());
+
+ /**
+ * DOCUMENT ME!
+ *
+ * @param aCount DOCUMENT ME!
+ * @param aRule DOCUMENT ME!
+ */
+ protected void checkMatchCount(int aCount, AuthorizationRule aRule) {
+ assertEquals(aCount, ((TestAuthorizationRule) aRule).getMatchCount());
}
-
- protected Object createResource(String aPath) {
+
+ /**
+ * DOCUMENT ME!
+ *
+ * @param aPath DOCUMENT ME!
+ *
+ * @return DOCUMENT ME!
+ */
+ protected Object createResource(String aPath) {
return new TestResource(aPath);
}
-
- protected void checkRuleCount(int aCount) {
+
+ /**
+ * DOCUMENT ME!
+ *
+ * @param aCount DOCUMENT ME!
+ */
+ protected void checkRuleCount(int aCount) {
// Empty
}
-
+
/**
- * Several checks to verify the outcome of matching against the first rule.
- *
+ * Several checks to verify the outcome of matching against the
+ * first rule.
*/
- public void testFirstRuleGrants() {
- assertTrue( service.isAllowed(createResource("/oni/xyz.jpg"), new ReadOperation()));
+ public void testFirstRuleGrants() {
+ assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"),
+ new ReadOperation()));
checkMatchCount(1, rule1);
- assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"), new WriteOperation()));
+ assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"),
+ new WriteOperation()));
checkMatchCount(2, rule1);
- assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"), new DeleteOperation()));
+ assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"),
+ new DeleteOperation()));
checkMatchCount(3, rule1);
- assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"), new CreateOperation()));
+ assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"),
+ new CreateOperation()));
checkMatchCount(4, rule1);
checkMatchCount(0, rule2);
checkMatchCount(0, rule3);
}
-
+
/**
- * Verify that a match with the second rule leads to a denial of authorization.
- *
+ * Verify that a match with the second rule leads to a denial of
+ * authorization.
*/
public void testSecondRuleDenies() {
- assertFalse(service.isAllowed(createResource("/abc/xyz.jpg"), new ReadOperation()));
+ assertFalse(service.isAllowed(createResource("/abc/xyz.jpg"),
+ new ReadOperation()));
checkMatchCount(0, rule1);
checkMatchCount(1, rule2);
checkMatchCount(0, rule3);
}
-
+
/**
- * Verifies that the third rule is used when appropriate and that it grants access.
- *
+ * Verifies that the third rule is used when appropriate and that
+ * it grants access.
*/
- public void testThirdRuleGrants() {
- assertTrue(service.isAllowed(createResource("/abc/xyz.jpg"), new WriteOperation()));
- checkMatchCount(0, rule1);
+ public void testThirdRuleGrants() {
+ assertTrue(service.isAllowed(createResource("/abc/xyz.jpg"),
+ new WriteOperation()));
+ checkMatchCount(0, rule1);
checkMatchCount(0, rule2);
- checkMatchCount(1, rule3);
+ checkMatchCount(1, rule3);
}
-
+
/**
- * Removes a rule and checks it is removed.
- *
+ * Removes a rule and checks it is removed.
*/
- public void testRemoveRule() {
+ public void testRemoveRule() {
checkRuleCount(3);
- assertTrue(service.isAllowed(createResource("/abc/xyz.jpg"), new WriteOperation()));
- service.removeRule(2);
- assertFalse(service.isAllowed(createResource("/abc/xyz.jpg"), new WriteOperation()));
+ assertTrue(service.isAllowed(createResource("/abc/xyz.jpg"),
+ new WriteOperation()));
+ service.removeRule(2);
+ assertFalse(service.isAllowed(createResource("/abc/xyz.jpg"),
+ new WriteOperation()));
checkRuleCount(2);
}
-
+
/**
- * Inserts a rule and checks it is inserted.
- *
+ * Inserts a rule and checks it is inserted.
*/
public void testInsertRule() {
checkRuleCount(3);
- assertFalse(service.isAllowed(createResource("/janse/xyz.jpg"), new WriteOperation()));
- service.appendRule(createRule(GRANTED, "users", "/janse/", WriteOperation.class));
- assertTrue(service.isAllowed(createResource("/janse/xyz.jpg"), new WriteOperation()));
+ assertFalse(service.isAllowed(createResource("/janse/xyz.jpg"),
+ new WriteOperation()));
+ service.appendRule(createRule(GRANTED, "users", "/janse/",
+ WriteOperation.class));
+ assertTrue(service.isAllowed(createResource("/janse/xyz.jpg"),
+ new WriteOperation()));
checkRuleCount(4);
-
}
-
+
/**
- * Gets the rules. Verifies that all rules are obtained.
- *
+ * Gets the rules. Verifies that all rules are obtained.
*/
- public void testGetRules() {
+ public void testGetRules() {
AuthorizationRule[] rules = service.getRules();
- assertEquals(3, rules.length);
+ assertEquals(3, rules.length);
}
-
+
/**
- * Verifies that when no rules match, access is denied.
- *
+ * Verifies that when no rules match, access is denied.
*/
- public void testNoRulesSupportResource() {
- assertFalse(service.isAllowed(createResource("/xyxyxyxy"), new ReadOperation()));
- checkMatchCount(0, rule1);
+ public void testNoRulesSupportResource() {
+ assertFalse(service.isAllowed(createResource("/xyxyxyxy"),
+ new ReadOperation()));
+ checkMatchCount(0, rule1);
checkMatchCount(0, rule2);
- checkMatchCount(0, rule3);
+ checkMatchCount(0, rule3);
}
}
git://wamblee.org / utils / blobdiff