X-Git-Url: http://wamblee.org/gitweb/?a=blobdiff_plain;f=security%2Fimpl%2Fsrc%2Ftest%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthorization%2FAuthorizationServiceTest.java;fp=security%2Fimpl%2Fsrc%2Ftest%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthorization%2FAuthorizationServiceTest.java;h=0000000000000000000000000000000000000000;hb=9449ea0f360f6e9c14057db57f3ee0bfba947ab4;hp=3e6f159412448e29d7d9e199dec025919e5f5c59;hpb=e8b988e92306a4aea2f047af1b48588147288831;p=utils diff --git a/security/impl/src/test/java/org/wamblee/security/authorization/AuthorizationServiceTest.java b/security/impl/src/test/java/org/wamblee/security/authorization/AuthorizationServiceTest.java deleted file mode 100644 index 3e6f1594..00000000 --- a/security/impl/src/test/java/org/wamblee/security/authorization/AuthorizationServiceTest.java +++ /dev/null @@ -1,201 +0,0 @@ -/* - * Copyright 2005-2010 the original author or authors. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.wamblee.security.authorization; - -import static org.wamblee.security.authorization.AuthorizationResult.*; -import junit.framework.TestCase; - -import org.wamblee.security.authentication.UserAccessor; -import org.wamblee.security.authentication.UserAdministration; - -/** - * Tests the authorization service. - * - * @author Erik Brakkee - */ -public class AuthorizationServiceTest extends TestCase { - private AbstractAuthorizationRule rule1; - - private AbstractAuthorizationRule rule2; - - private AbstractAuthorizationRule rule3; - - private AuthorizationService service; - - private TestUserAccessor userAccessor; - - - protected AuthorizationService getService() { - return service; - } - - /* - * (non-Javadoc) - * - * @see junit.framework.TestCase#setUp() - */ - @Override - protected void setUp() throws Exception { - super.setUp(); - - userAccessor = new TestUserAccessor(); - - rule1 = createRule(GRANTED, "users", "/oni/", AllOperation.class); - rule2 = createRule(DENIED, "users", "/abc/", ReadOperation.class); - rule3 = createRule(GRANTED, "users", "/abc/", AllOperation.class); - - service = createService(); - service.appendRule(rule1); - service.appendRule(rule2); - service.appendRule(rule3); - checkRuleCount(3); - } - - protected void resetTestRules() { - ((TestAuthorizationRule) rule1).reset(); - ((TestAuthorizationRule) rule2).reset(); - ((TestAuthorizationRule) rule3).reset(); - } - - protected UserAccessor getUserAccessor() { - return userAccessor; - } - - protected UserAdministration getUserAdministration() { - return userAccessor.getUserAdmin(); - } - - /** - * Creates an authorization service with some rules for testing. . - * - * @return Authorization service. - */ - protected AuthorizationService createService() { - DefaultAuthorizationService svc = new DefaultAuthorizationService(); - svc.setUserAccessor(getUserAccessor()); - svc.setUserAdministration(getUserAdministration()); - return svc; - } - - protected AbstractAuthorizationRule createRule(AuthorizationResult aResult, - String aGroup, String aPath, Class aOperation) { - return new TestAuthorizationRule(aResult, aGroup, aPath, aOperation); - } - - protected void checkMatchCount(int aCount, AuthorizationRule aRule) { - TestAuthorizationRule testRule = (TestAuthorizationRule) aRule; - assertEquals(aCount, testRule.getMatchCount()); - testRule.reset(); - } - - protected Object createResource(String aPath) { - return new TestResource(aPath); - } - - protected void checkRuleCount(int aCount) { - // Empty - } - - /** - * Several checks to verify the outcome of matching against the first rule. - */ - public void testFirstRuleGrants() { - assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"), - new ReadOperation())); - checkMatchCount(1, service.getRules()[0]); - assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"), - new WriteOperation())); - checkMatchCount(1, service.getRules()[0]); - assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"), - new DeleteOperation())); - checkMatchCount(1, service.getRules()[0]); - assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"), - new CreateOperation())); - checkMatchCount(1, service.getRules()[0]); - checkMatchCount(0, service.getRules()[1]); - checkMatchCount(0, service.getRules()[2]); - } - - /** - * Verify that a match with the second rule leads to a denial of - * authorization. - */ - public void testSecondRuleDenies() { - assertFalse(service.isAllowed(createResource("/abc/xyz.jpg"), - new ReadOperation())); - checkMatchCount(0, service.getRules()[0]); - checkMatchCount(1, service.getRules()[1]); - checkMatchCount(0, service.getRules()[2]); - } - - /** - * Verifies that the third rule is used when appropriate and that it grants - * access. - */ - public void testThirdRuleGrants() { - assertTrue(service.isAllowed(createResource("/abc/xyz.jpg"), - new WriteOperation())); - checkMatchCount(0, service.getRules()[0]); - checkMatchCount(0, service.getRules()[1]); - checkMatchCount(1, service.getRules()[2]); - } - - /** - * Removes a rule and checks it is removed. - */ - public void testRemoveRule() { - checkRuleCount(3); - assertTrue(service.isAllowed(createResource("/abc/xyz.jpg"), - new WriteOperation())); - service.removeRule(2); - assertFalse(service.isAllowed(createResource("/abc/xyz.jpg"), - new WriteOperation())); - checkRuleCount(2); - } - - /** - * Inserts a rule and checks it is inserted. - */ - public void testInsertRule() { - checkRuleCount(3); - assertFalse(service.isAllowed(createResource("/janse/xyz.jpg"), - new WriteOperation())); - service.appendRule(createRule(GRANTED, "users", "/janse/", - WriteOperation.class)); - assertTrue(service.isAllowed(createResource("/janse/xyz.jpg"), - new WriteOperation())); - checkRuleCount(4); - } - - /** - * Gets the rules. Verifies that all rules are obtained. - */ - public void testGetRules() { - AuthorizationRule[] rules = service.getRules(); - assertEquals(3, rules.length); - } - - /** - * Verifies that when no rules match, access is denied. - */ - public void testNoRulesSupportResource() { - assertFalse(service.isAllowed(createResource("/xyxyxyxy"), - new ReadOperation())); - checkMatchCount(0, service.getRules()[0]); - checkMatchCount(0, service.getRules()[1]); - checkMatchCount(0, service.getRules()[2]); - } -}