X-Git-Url: http://wamblee.org/gitweb/?a=blobdiff_plain;f=security%2Fsrc%2Ftest%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthorization%2FAuthorizationServiceTest.java;h=fcc29344171e81d28e9f5b8d8566564ec6fc8c80;hb=ddd261f331280640c5b53c7128230b629ebcd268;hp=5ec36f7ec43b273e0d980a682125d10d4c67b57e;hpb=92e23e5ecf9614f2ab770a8cdedc0b21ddf1e127;p=utils diff --git a/security/src/test/java/org/wamblee/security/authorization/AuthorizationServiceTest.java b/security/src/test/java/org/wamblee/security/authorization/AuthorizationServiceTest.java index 5ec36f7e..fcc29344 100644 --- a/security/src/test/java/org/wamblee/security/authorization/AuthorizationServiceTest.java +++ b/security/src/test/java/org/wamblee/security/authorization/AuthorizationServiceTest.java @@ -1,177 +1,247 @@ /* * Copyright 2005 the original author or authors. - * + * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at - * + * * http://www.apache.org/licenses/LICENSE-2.0 - * + * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. - */ - + */ package org.wamblee.security.authorization; +import junit.framework.TestCase; import static org.wamblee.security.authorization.AuthorizationResult.DENIED; import static org.wamblee.security.authorization.AuthorizationResult.GRANTED; -import junit.framework.TestCase; import org.wamblee.usermgt.UserAccessor; + /** - * Tests the authorization service. + * Tests the authorization service. * * @author Erik Brakkee */ public class AuthorizationServiceTest extends TestCase { - - private AuthorizationRule rule1; - private AuthorizationRule rule2; - private AuthorizationRule rule3; - private AuthorizationService service; - - protected AuthorizationService getService() { - return service; - } - + /** + * DOCUMENT ME! + */ + private AuthorizationRule rule1; + + /** + * DOCUMENT ME! + */ + private AuthorizationRule rule2; + + /** + * DOCUMENT ME! + */ + private AuthorizationRule rule3; + + /** + * DOCUMENT ME! + */ + private AuthorizationService service; + + /** + * DOCUMENT ME! + * + * @return DOCUMENT ME! + */ + protected AuthorizationService getService() { + return service; + } + /* (non-Javadoc) * @see junit.framework.TestCase#setUp() */ + /** + * DOCUMENT ME! + * + * @throws Exception DOCUMENT ME! + */ @Override protected void setUp() throws Exception { super.setUp(); - - rule1 = createRule(GRANTED, "users", "/oni/", AllOperation.class); - rule2 = createRule(DENIED, "users", "/abc/", ReadOperation.class); - rule3 = createRule(GRANTED, "users", "/abc/", AllOperation.class); - - service = createService(); - service.appendRule(rule1); + + rule1 = createRule(GRANTED, "users", "/oni/", AllOperation.class); + rule2 = createRule(DENIED, "users", "/abc/", ReadOperation.class); + rule3 = createRule(GRANTED, "users", "/abc/", AllOperation.class); + + service = createService(); + service.appendRule(rule1); service.appendRule(rule2); service.appendRule(rule3); } - - protected void resetTestRules() { - ((TestAuthorizationRule)rule1).reset(); - ((TestAuthorizationRule)rule2).reset(); - ((TestAuthorizationRule)rule3).reset(); + + /** + * DOCUMENT ME! + */ + protected void resetTestRules() { + ((TestAuthorizationRule) rule1).reset(); + ((TestAuthorizationRule) rule2).reset(); + ((TestAuthorizationRule) rule3).reset(); } - - protected UserAccessor createUserAccessor() { - return new TestUserAccessor(); + + /** + * DOCUMENT ME! + * + * @return DOCUMENT ME! + */ + protected UserAccessor createUserAccessor() { + return new TestUserAccessor(); } /** - * Creates an authorization service with some rules for testing. . - * @return Authorization service. + * Creates an authorization service with some rules for testing. . + * + * @return Authorization service. */ protected AuthorizationService createService() { - DefaultAuthorizationService service = new DefaultAuthorizationService() ; + DefaultAuthorizationService service = new DefaultAuthorizationService(); service.setUserAccessor(createUserAccessor()); + return service; } - - protected AuthorizationRule createRule(AuthorizationResult aResult, String aGroup, String aPath, Class aOperation) { + + /** + * DOCUMENT ME! + * + * @param aResult DOCUMENT ME! + * @param aGroup DOCUMENT ME! + * @param aPath DOCUMENT ME! + * @param aOperation DOCUMENT ME! + * + * @return DOCUMENT ME! + */ + protected AuthorizationRule createRule(AuthorizationResult aResult, + String aGroup, String aPath, Class aOperation) { return new TestAuthorizationRule(aResult, aGroup, aPath, aOperation); } - - protected void checkMatchCount(int aCount, AuthorizationRule aRule) { - assertEquals( aCount, ((TestAuthorizationRule)aRule).getMatchCount()); + + /** + * DOCUMENT ME! + * + * @param aCount DOCUMENT ME! + * @param aRule DOCUMENT ME! + */ + protected void checkMatchCount(int aCount, AuthorizationRule aRule) { + assertEquals(aCount, ((TestAuthorizationRule) aRule).getMatchCount()); } - - protected Object createResource(String aPath) { + + /** + * DOCUMENT ME! + * + * @param aPath DOCUMENT ME! + * + * @return DOCUMENT ME! + */ + protected Object createResource(String aPath) { return new TestResource(aPath); } - - protected void checkRuleCount(int aCount) { + + /** + * DOCUMENT ME! + * + * @param aCount DOCUMENT ME! + */ + protected void checkRuleCount(int aCount) { // Empty } - + /** - * Several checks to verify the outcome of matching against the first rule. - * + * Several checks to verify the outcome of matching against the + * first rule. */ - public void testFirstRuleGrants() { - assertTrue( service.isAllowed(createResource("/oni/xyz.jpg"), new ReadOperation())); + public void testFirstRuleGrants() { + assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"), + new ReadOperation())); checkMatchCount(1, rule1); - assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"), new WriteOperation())); + assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"), + new WriteOperation())); checkMatchCount(2, rule1); - assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"), new DeleteOperation())); + assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"), + new DeleteOperation())); checkMatchCount(3, rule1); - assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"), new CreateOperation())); + assertTrue(service.isAllowed(createResource("/oni/xyz.jpg"), + new CreateOperation())); checkMatchCount(4, rule1); checkMatchCount(0, rule2); checkMatchCount(0, rule3); } - + /** - * Verify that a match with the second rule leads to a denial of authorization. - * + * Verify that a match with the second rule leads to a denial of + * authorization. */ public void testSecondRuleDenies() { - assertFalse(service.isAllowed(createResource("/abc/xyz.jpg"), new ReadOperation())); + assertFalse(service.isAllowed(createResource("/abc/xyz.jpg"), + new ReadOperation())); checkMatchCount(0, rule1); checkMatchCount(1, rule2); checkMatchCount(0, rule3); } - + /** - * Verifies that the third rule is used when appropriate and that it grants access. - * + * Verifies that the third rule is used when appropriate and that + * it grants access. */ - public void testThirdRuleGrants() { - assertTrue(service.isAllowed(createResource("/abc/xyz.jpg"), new WriteOperation())); - checkMatchCount(0, rule1); + public void testThirdRuleGrants() { + assertTrue(service.isAllowed(createResource("/abc/xyz.jpg"), + new WriteOperation())); + checkMatchCount(0, rule1); checkMatchCount(0, rule2); - checkMatchCount(1, rule3); + checkMatchCount(1, rule3); } - + /** - * Removes a rule and checks it is removed. - * + * Removes a rule and checks it is removed. */ - public void testRemoveRule() { + public void testRemoveRule() { checkRuleCount(3); - assertTrue(service.isAllowed(createResource("/abc/xyz.jpg"), new WriteOperation())); - service.removeRule(2); - assertFalse(service.isAllowed(createResource("/abc/xyz.jpg"), new WriteOperation())); + assertTrue(service.isAllowed(createResource("/abc/xyz.jpg"), + new WriteOperation())); + service.removeRule(2); + assertFalse(service.isAllowed(createResource("/abc/xyz.jpg"), + new WriteOperation())); checkRuleCount(2); } - + /** - * Inserts a rule and checks it is inserted. - * + * Inserts a rule and checks it is inserted. */ public void testInsertRule() { checkRuleCount(3); - assertFalse(service.isAllowed(createResource("/janse/xyz.jpg"), new WriteOperation())); - service.appendRule(createRule(GRANTED, "users", "/janse/", WriteOperation.class)); - assertTrue(service.isAllowed(createResource("/janse/xyz.jpg"), new WriteOperation())); + assertFalse(service.isAllowed(createResource("/janse/xyz.jpg"), + new WriteOperation())); + service.appendRule(createRule(GRANTED, "users", "/janse/", + WriteOperation.class)); + assertTrue(service.isAllowed(createResource("/janse/xyz.jpg"), + new WriteOperation())); checkRuleCount(4); - } - + /** - * Gets the rules. Verifies that all rules are obtained. - * + * Gets the rules. Verifies that all rules are obtained. */ - public void testGetRules() { + public void testGetRules() { AuthorizationRule[] rules = service.getRules(); - assertEquals(3, rules.length); + assertEquals(3, rules.length); } - + /** - * Verifies that when no rules match, access is denied. - * + * Verifies that when no rules match, access is denied. */ - public void testNoRulesSupportResource() { - assertFalse(service.isAllowed(createResource("/xyxyxyxy"), new ReadOperation())); - checkMatchCount(0, rule1); + public void testNoRulesSupportResource() { + assertFalse(service.isAllowed(createResource("/xyxyxyxy"), + new ReadOperation())); + checkMatchCount(0, rule1); checkMatchCount(0, rule2); - checkMatchCount(0, rule3); + checkMatchCount(0, rule3); } }