X-Git-Url: http://wamblee.org/gitweb/?a=blobdiff_plain;f=security%2Fsrc%2Ftest%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthorization%2FUrlAuthorizationRuleTest.java;h=b2353b89f9a1286591fab1259fddb3584beaa7e3;hb=17775e14ecfb286e59f67117e5cee7e21e95ab1f;hp=9cc92870f1ed8268f43793a2c680e87841f57f67;hpb=162af365e45e54e5e8d656be276914df2005eaec;p=utils diff --git a/security/src/test/java/org/wamblee/security/authorization/UrlAuthorizationRuleTest.java b/security/src/test/java/org/wamblee/security/authorization/UrlAuthorizationRuleTest.java index 9cc92870..b2353b89 100644 --- a/security/src/test/java/org/wamblee/security/authorization/UrlAuthorizationRuleTest.java +++ b/security/src/test/java/org/wamblee/security/authorization/UrlAuthorizationRuleTest.java @@ -1,5 +1,5 @@ /* - * Copyright 2005 the original author or authors. + * Copyright 2005-2010 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -13,77 +13,84 @@ * See the License for the specific language governing permissions and * limitations under the License. */ - package org.wamblee.security.authorization; +import junit.framework.TestCase; import static org.wamblee.security.authorization.AuthorizationResult.GRANTED; import static org.wamblee.security.authorization.AuthorizationResult.UNDECIDED; import static org.wamblee.security.authorization.AuthorizationResult.UNSUPPORTED_RESOURCE; -import junit.framework.TestCase; import org.wamblee.usermgt.User; - /** - * Tests for the {@link org.wamblee.security.authorization.UrlAuthorizationRule}. + * Tests for the {@link org.wamblee.security.authorization.UrlAuthorizationRule} + * . + * + * @author Erik Brakkee */ public class UrlAuthorizationRuleTest extends TestCase { - /** - * Constructs the rule with a result of UNDECIDED. Verifies that an IllegalArgumentException - * is thrown. - * + * Constructs the rule with a result of UNDECIDED. Verifies that an + * IllegalArgumentException is thrown. */ - public void testConstructWithUndecidedResult() { - try { - new TestAuthorizationRule(UNDECIDED, "users", "/path", ReadOperation.class); + public void testConstructWithUndecidedResult() { + try { + new TestAuthorizationRule(UNDECIDED, "users", "/path", + ReadOperation.class); fail(); - } catch (IllegalArgumentException e) { - // ok + } catch (IllegalArgumentException e) { + // ok } } - + /** - * Constructs the rule with a result of UNSUPPORTED_RESOURCE. Verifies that an IllegalArgumentException - * is thrown. - * + * Constructs the rule with a result of UNSUPPORTED_RESOURCE. Verifies that + * an IllegalArgumentException is thrown. */ - public void testConstructWithUnsupportedResult() { - try { - new TestAuthorizationRule(UNSUPPORTED_RESOURCE, "users", "/path", ReadOperation.class); + public void testConstructWithUnsupportedResult() { + try { + new TestAuthorizationRule(UNSUPPORTED_RESOURCE, "users", "/path", + ReadOperation.class); fail(); - } catch (IllegalArgumentException e) { - // ok + } catch (IllegalArgumentException e) { + // ok } } - + /** - * Constructs the authorization rule and applies it to an unsupported object type. - * Verifies that the result is UNSUPPORTED_RESOURCE. - * + * Constructs the authorization rule and applies it to an unsupported object + * type. Verifies that the result is UNSUPPORTED_RESOURCE. */ - public void testUnsupportedObject() { - AuthorizationRule rule = new TestAuthorizationRule(GRANTED, "users", "/path", ReadOperation.class); - assertEquals(UNSUPPORTED_RESOURCE, rule.isAllowed("hello", new ReadOperation(), new TestUserAccessor().getCurrentUser())); + public void testUnsupportedObject() { + AuthorizationRule rule = new TestAuthorizationRule(GRANTED, "users", + "/path", ReadOperation.class); + assertEquals(UNSUPPORTED_RESOURCE, rule.isAllowed("hello", + new ReadOperation(), new TestUserAccessor().getCurrentUser())); } - - public void testMatchingScenarios() { - AuthorizationRule rule = new TestAuthorizationRule(GRANTED, "users", "/path/", ReadOperation.class); + + public void testMatchingScenarios() { + AuthorizationRule rule = new TestAuthorizationRule(GRANTED, "users", + "/path/", ReadOperation.class); User user = new TestUserAccessor().getCurrentUser(); - + // everything matches - assertEquals(GRANTED, rule.isAllowed(new TestResource("/path/a"), new ReadOperation(), user)); - assertEquals(GRANTED, rule.isAllowed(new TestResource("/path/"), new ReadOperation(), user)); - - // path does not match. - assertEquals(UNDECIDED, rule.isAllowed(new TestResource("/path"), new ReadOperation(), user)); - - // operation does not match. - assertEquals(UNDECIDED, rule.isAllowed(new TestResource("/path/"), new WriteOperation(), user)); - - // group does not match. - AuthorizationRule rule2 = new TestAuthorizationRule(GRANTED, "users2", "/path/", ReadOperation.class); - assertEquals(UNDECIDED, rule2.isAllowed(new TestResource("/path/a"), new ReadOperation(), user)); + assertEquals(GRANTED, rule.isAllowed(new TestResource("/path/a"), + new ReadOperation(), user)); + assertEquals(GRANTED, rule.isAllowed(new TestResource("/path/"), + new ReadOperation(), user)); + + // path does not match. + assertEquals(UNDECIDED, rule.isAllowed(new TestResource("/path"), + new ReadOperation(), user)); + + // operation does not match. + assertEquals(UNDECIDED, rule.isAllowed(new TestResource("/path/"), + new WriteOperation(), user)); + + // group does not match. + AuthorizationRule rule2 = new TestAuthorizationRule(GRANTED, "users2", + "/path/", ReadOperation.class); + assertEquals(UNDECIDED, rule2.isAllowed(new TestResource("/path/a"), + new ReadOperation(), user)); } - }