X-Git-Url: http://wamblee.org/gitweb/?a=blobdiff_plain;f=security%2Fsrc%2Ftest%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthorization%2FAuthorizationServiceTest.java;h=fcc29344171e81d28e9f5b8d8566564ec6fc8c80;hb=ddd261f331280640c5b53c7128230b629ebcd268;hp=502000e61a5b4a3b15323a96e65dd1eb11615b73;hpb=bfdfe5ac1e02bff97a56e14f7ef790f67c407ae6;p=utils diff --git a/security/src/test/java/org/wamblee/security/authorization/AuthorizationServiceTest.java b/security/src/test/java/org/wamblee/security/authorization/AuthorizationServiceTest.java index 502000e6..fcc29344 100644 --- a/security/src/test/java/org/wamblee/security/authorization/AuthorizationServiceTest.java +++ b/security/src/test/java/org/wamblee/security/authorization/AuthorizationServiceTest.java @@ -1,180 +1,247 @@ /* * Copyright 2005 the original author or authors. - * + * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. - */ - + */ package org.wamblee.security.authorization; +import junit.framework.TestCase; import static org.wamblee.security.authorization.AuthorizationResult.DENIED; import static org.wamblee.security.authorization.AuthorizationResult.GRANTED; -import junit.framework.TestCase; -import org.wamblee.persistence.hibernate.HibernateMappingFiles; -import org.wamblee.test.spring.SpringTestCase; -import org.wamblee.test.spring.SpringConfigFiles; import org.wamblee.usermgt.UserAccessor; + /** - * Tests the authorization service. + * Tests the authorization service. * * @author Erik Brakkee */ public class AuthorizationServiceTest extends TestCase { - - private AuthorizationRule _rule1; - private AuthorizationRule _rule2; - private AuthorizationRule _rule3; - private AuthorizationService _service; - - protected AuthorizationService getService() { - return _service; - } - + /** + * DOCUMENT ME! + */ + private AuthorizationRule rule1; + + /** + * DOCUMENT ME! + */ + private AuthorizationRule rule2; + + /** + * DOCUMENT ME! + */ + private AuthorizationRule rule3; + + /** + * DOCUMENT ME! + */ + private AuthorizationService service; + + /** + * DOCUMENT ME! + * + * @return DOCUMENT ME! + */ + protected AuthorizationService getService() { + return service; + } + /* (non-Javadoc) * @see junit.framework.TestCase#setUp() */ + /** + * DOCUMENT ME! + * + * @throws Exception DOCUMENT ME! + */ @Override protected void setUp() throws Exception { super.setUp(); - - _rule1 = createRule(GRANTED, "users", "/oni/", AllOperation.class); - _rule2 = createRule(DENIED, "users", "/abc/", ReadOperation.class); - _rule3 = createRule(GRANTED, "users", "/abc/", AllOperation.class); - - _service = createService(); - _service.appendRule(_rule1); - _service.appendRule(_rule2); - _service.appendRule(_rule3); + + rule1 = createRule(GRANTED, "users", "/oni/", AllOperation.class); + rule2 = createRule(DENIED, "users", "/abc/", ReadOperation.class); + rule3 = createRule(GRANTED, "users", "/abc/", AllOperation.class); + + service = createService(); + service.appendRule(rule1); + service.appendRule(rule2); + service.appendRule(rule3); } - - protected void resetTestRules() { - ((TestAuthorizationRule)_rule1).reset(); - ((TestAuthorizationRule)_rule2).reset(); - ((TestAuthorizationRule)_rule3).reset(); + + /** + * DOCUMENT ME! + */ + protected void resetTestRules() { + ((TestAuthorizationRule) rule1).reset(); + ((TestAuthorizationRule) rule2).reset(); + ((TestAuthorizationRule) rule3).reset(); } - - protected UserAccessor createUserAccessor() { - return new TestUserAccessor(); + + /** + * DOCUMENT ME! + * + * @return DOCUMENT ME! + */ + protected UserAccessor createUserAccessor() { + return new TestUserAccessor(); } /** - * Creates an authorization service with some rules for testing. . - * @return Authorization service. + * Creates an authorization service with some rules for testing. . + * + * @return Authorization service. */ protected AuthorizationService createService() { - DefaultAuthorizationService service = new DefaultAuthorizationService() ; + DefaultAuthorizationService service = new DefaultAuthorizationService(); service.setUserAccessor(createUserAccessor()); + return service; } - - protected AuthorizationRule createRule(AuthorizationResult aResult, String aGroup, String aPath, Class aOperation) { + + /** + * DOCUMENT ME! + * + * @param aResult DOCUMENT ME! + * @param aGroup DOCUMENT ME! + * @param aPath DOCUMENT ME! + * @param aOperation DOCUMENT ME! + * + * @return DOCUMENT ME! + */ + protected AuthorizationRule createRule(AuthorizationResult aResult, + String aGroup, String aPath, Class aOperation) { return new TestAuthorizationRule(aResult, aGroup, aPath, aOperation); } - - protected void checkMatchCount(int aCount, AuthorizationRule aRule) { - assertEquals( aCount, ((TestAuthorizationRule)aRule).getMatchCount()); + + /** + * DOCUMENT ME! + * + * @param aCount DOCUMENT ME! + * @param aRule DOCUMENT ME! + */ + protected void checkMatchCount(int aCount, AuthorizationRule aRule) { + assertEquals(aCount, ((TestAuthorizationRule) aRule).getMatchCount()); } - - protected Object createResource(String aPath) { + + /** + * DOCUMENT ME! + * + * @param aPath DOCUMENT ME! + * + * @return DOCUMENT ME! + */ + protected Object createResource(String aPath) { return new TestResource(aPath); } - - protected void checkRuleCount(int aCount) { + + /** + * DOCUMENT ME! + * + * @param aCount DOCUMENT ME! + */ + protected void checkRuleCount(int aCount) { // Empty } - + /** - * Several checks to verify the outcome of matching against the first rule. - * + * Several checks to verify the outcome of matching against the + * first rule. */ - public void testFirstRuleGrants() { - assertTrue( _service.isAllowed(createResource("/oni/xyz.jpg"), new ReadOperation())); - checkMatchCount(1, _rule1); - assertTrue(_service.isAllowed(createResource("/oni/xyz.jpg"), new WriteOperation())); - checkMatchCount(2, _rule1); - assertTrue(_service.isAllowed(createResource("/oni/xyz.jpg"), new DeleteOperation())); - checkMatchCount(3, _rule1); - assertTrue(_service.isAllowed(createResource("/oni/xyz.jpg"), new CreateOperation())); - checkMatchCount(4, _rule1); - checkMatchCount(0, _rule2); - checkMatchCount(0, _rule3); - } - - /** - * Verify that a match with the second rule leads to a denial of authorization. - * + public void testFirstRuleGrants() { + assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"), + new ReadOperation())); + checkMatchCount(1, rule1); + assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"), + new WriteOperation())); + checkMatchCount(2, rule1); + assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"), + new DeleteOperation())); + checkMatchCount(3, rule1); + assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"), + new CreateOperation())); + checkMatchCount(4, rule1); + checkMatchCount(0, rule2); + checkMatchCount(0, rule3); + } + + /** + * Verify that a match with the second rule leads to a denial of + * authorization. */ public void testSecondRuleDenies() { - assertFalse(_service.isAllowed(createResource("/abc/xyz.jpg"), new ReadOperation())); - checkMatchCount(0, _rule1); - checkMatchCount(1, _rule2); - checkMatchCount(0, _rule3); + assertFalse(service.isAllowed(createResource("/abc/xyz.jpg"), + new ReadOperation())); + checkMatchCount(0, rule1); + checkMatchCount(1, rule2); + checkMatchCount(0, rule3); } - + /** - * Verifies that the third rule is used when appropriate and that it grants access. - * + * Verifies that the third rule is used when appropriate and that + * it grants access. */ - public void testThirdRuleGrants() { - assertTrue(_service.isAllowed(createResource("/abc/xyz.jpg"), new WriteOperation())); - checkMatchCount(0, _rule1); - checkMatchCount(0, _rule2); - checkMatchCount(1, _rule3); + public void testThirdRuleGrants() { + assertTrue(service.isAllowed(createResource("/abc/xyz.jpg"), + new WriteOperation())); + checkMatchCount(0, rule1); + checkMatchCount(0, rule2); + checkMatchCount(1, rule3); } - + /** - * Removes a rule and checks it is removed. - * + * Removes a rule and checks it is removed. */ - public void testRemoveRule() { + public void testRemoveRule() { checkRuleCount(3); - assertTrue(_service.isAllowed(createResource("/abc/xyz.jpg"), new WriteOperation())); - _service.removeRule(2); - assertFalse(_service.isAllowed(createResource("/abc/xyz.jpg"), new WriteOperation())); + assertTrue(service.isAllowed(createResource("/abc/xyz.jpg"), + new WriteOperation())); + service.removeRule(2); + assertFalse(service.isAllowed(createResource("/abc/xyz.jpg"), + new WriteOperation())); checkRuleCount(2); } - + /** - * Inserts a rule and checks it is inserted. - * + * Inserts a rule and checks it is inserted. */ public void testInsertRule() { checkRuleCount(3); - assertFalse(_service.isAllowed(createResource("/janse/xyz.jpg"), new WriteOperation())); - _service.appendRule(createRule(GRANTED, "users", "/janse/", WriteOperation.class)); - assertTrue(_service.isAllowed(createResource("/janse/xyz.jpg"), new WriteOperation())); + assertFalse(service.isAllowed(createResource("/janse/xyz.jpg"), + new WriteOperation())); + service.appendRule(createRule(GRANTED, "users", "/janse/", + WriteOperation.class)); + assertTrue(service.isAllowed(createResource("/janse/xyz.jpg"), + new WriteOperation())); checkRuleCount(4); - } - + /** - * Gets the rules. Verifies that all rules are obtained. - * + * Gets the rules. Verifies that all rules are obtained. */ - public void testGetRules() { - AuthorizationRule[] rules = _service.getRules(); - assertEquals(3, rules.length); + public void testGetRules() { + AuthorizationRule[] rules = service.getRules(); + assertEquals(3, rules.length); } - + /** - * Verifies that when no rules match, access is denied. - * + * Verifies that when no rules match, access is denied. */ - public void testNoRulesSupportResource() { - assertFalse(_service.isAllowed(createResource("/xyxyxyxy"), new ReadOperation())); - checkMatchCount(0, _rule1); - checkMatchCount(0, _rule2); - checkMatchCount(0, _rule3); + public void testNoRulesSupportResource() { + assertFalse(service.isAllowed(createResource("/xyxyxyxy"), + new ReadOperation())); + checkMatchCount(0, rule1); + checkMatchCount(0, rule2); + checkMatchCount(0, rule3); } }