X-Git-Url: http://wamblee.org/gitweb/?a=blobdiff_plain;ds=sidebyside;f=security%2Fimpl%2Fsrc%2Ftest%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthorization%2FUrlAuthorizationRuleTest.java;fp=security%2Fimpl%2Fsrc%2Ftest%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthorization%2FUrlAuthorizationRuleTest.java;h=b2353b89f9a1286591fab1259fddb3584beaa7e3;hb=5ea8f0e2af53562c1507e8fb5a3ede2af5c5de6c;hp=0000000000000000000000000000000000000000;hpb=b9eccdf9751b8e2e671e0792f885d05c6ed0f43c;p=utils diff --git a/security/impl/src/test/java/org/wamblee/security/authorization/UrlAuthorizationRuleTest.java b/security/impl/src/test/java/org/wamblee/security/authorization/UrlAuthorizationRuleTest.java new file mode 100644 index 00000000..b2353b89 --- /dev/null +++ b/security/impl/src/test/java/org/wamblee/security/authorization/UrlAuthorizationRuleTest.java @@ -0,0 +1,96 @@ +/* + * Copyright 2005-2010 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.wamblee.security.authorization; + +import junit.framework.TestCase; +import static org.wamblee.security.authorization.AuthorizationResult.GRANTED; +import static org.wamblee.security.authorization.AuthorizationResult.UNDECIDED; +import static org.wamblee.security.authorization.AuthorizationResult.UNSUPPORTED_RESOURCE; + +import org.wamblee.usermgt.User; + +/** + * Tests for the {@link org.wamblee.security.authorization.UrlAuthorizationRule} + * . + * + * @author Erik Brakkee + */ +public class UrlAuthorizationRuleTest extends TestCase { + /** + * Constructs the rule with a result of UNDECIDED. Verifies that an + * IllegalArgumentException is thrown. + */ + public void testConstructWithUndecidedResult() { + try { + new TestAuthorizationRule(UNDECIDED, "users", "/path", + ReadOperation.class); + fail(); + } catch (IllegalArgumentException e) { + // ok + } + } + + /** + * Constructs the rule with a result of UNSUPPORTED_RESOURCE. Verifies that + * an IllegalArgumentException is thrown. + */ + public void testConstructWithUnsupportedResult() { + try { + new TestAuthorizationRule(UNSUPPORTED_RESOURCE, "users", "/path", + ReadOperation.class); + fail(); + } catch (IllegalArgumentException e) { + // ok + } + } + + /** + * Constructs the authorization rule and applies it to an unsupported object + * type. Verifies that the result is UNSUPPORTED_RESOURCE. + */ + public void testUnsupportedObject() { + AuthorizationRule rule = new TestAuthorizationRule(GRANTED, "users", + "/path", ReadOperation.class); + assertEquals(UNSUPPORTED_RESOURCE, rule.isAllowed("hello", + new ReadOperation(), new TestUserAccessor().getCurrentUser())); + } + + public void testMatchingScenarios() { + AuthorizationRule rule = new TestAuthorizationRule(GRANTED, "users", + "/path/", ReadOperation.class); + User user = new TestUserAccessor().getCurrentUser(); + + // everything matches + assertEquals(GRANTED, rule.isAllowed(new TestResource("/path/a"), + new ReadOperation(), user)); + assertEquals(GRANTED, rule.isAllowed(new TestResource("/path/"), + new ReadOperation(), user)); + + // path does not match. + assertEquals(UNDECIDED, rule.isAllowed(new TestResource("/path"), + new ReadOperation(), user)); + + // operation does not match. + assertEquals(UNDECIDED, rule.isAllowed(new TestResource("/path/"), + new WriteOperation(), user)); + + // group does not match. + AuthorizationRule rule2 = new TestAuthorizationRule(GRANTED, "users2", + "/path/", ReadOperation.class); + assertEquals(UNDECIDED, rule2.isAllowed(new TestResource("/path/a"), + new ReadOperation(), user)); + } +}