X-Git-Url: http://wamblee.org/gitweb/?a=blobdiff_plain;f=security%2Fusermgt%2Fsrc%2Ftest%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthorization%2FUrlAuthorizationRuleTest.java;fp=security%2Fusermgt%2Fsrc%2Ftest%2Fjava%2Forg%2Fwamblee%2Fsecurity%2Fauthorization%2FUrlAuthorizationRuleTest.java;h=335a606e3f83672dc3e331e483f3e78c1f26ef13;hb=9449ea0f360f6e9c14057db57f3ee0bfba947ab4;hp=0000000000000000000000000000000000000000;hpb=e8b988e92306a4aea2f047af1b48588147288831;p=utils diff --git a/security/usermgt/src/test/java/org/wamblee/security/authorization/UrlAuthorizationRuleTest.java b/security/usermgt/src/test/java/org/wamblee/security/authorization/UrlAuthorizationRuleTest.java new file mode 100644 index 00000000..335a606e --- /dev/null +++ b/security/usermgt/src/test/java/org/wamblee/security/authorization/UrlAuthorizationRuleTest.java @@ -0,0 +1,103 @@ +/* + * Copyright 2005-2010 the original author or authors. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.wamblee.security.authorization; + +import static org.wamblee.security.authorization.AuthorizationResult.*; +import junit.framework.TestCase; + +/** + * Tests for the {@link org.wamblee.security.authorization.UrlAuthorizationRule} + * . + * + * @author Erik Brakkee + */ +public class UrlAuthorizationRuleTest extends TestCase { + + private TestUserAccessor userAccessor; + + public void setUp() { + userAccessor = new TestUserAccessor(); + + } + + /** + * Constructs the rule with a result of UNDECIDED. Verifies that an + * IllegalArgumentException is thrown. + */ + public void testConstructWithUndecidedResult() { + try { + new TestAuthorizationRule(UNDECIDED, "users", "/path", + ReadOperation.class); + fail(); + } catch (IllegalArgumentException e) { + // ok + } + } + + /** + * Constructs the rule with a result of UNSUPPORTED_RESOURCE. Verifies that + * an IllegalArgumentException is thrown. + */ + public void testConstructWithUnsupportedResult() { + try { + new TestAuthorizationRule(UNSUPPORTED_RESOURCE, "users", "/path", + ReadOperation.class); + fail(); + } catch (IllegalArgumentException e) { + // ok + } + } + + /** + * Constructs the authorization rule and applies it to an unsupported object + * type. Verifies that the result is UNSUPPORTED_RESOURCE. + */ + public void testUnsupportedObject() { + AuthorizationRule rule = new TestAuthorizationRule(GRANTED, "users", + "/path", ReadOperation.class); + rule.setUserAdministration(userAccessor.getUserAdmin()); + assertEquals(UNSUPPORTED_RESOURCE, rule.isAllowed("hello", + new ReadOperation(), userAccessor.getCurrentUser())); + } + + public void testMatchingScenarios() { + AuthorizationRule rule = new TestAuthorizationRule(GRANTED, "users", + "/path/", ReadOperation.class); + rule.setUserAdministration(userAccessor.getUserAdmin()); + String user = userAccessor.getCurrentUser(); + + // everything matches + assertEquals(GRANTED, rule.isAllowed(new TestResource("/path/a"), + new ReadOperation(), user)); + assertEquals(GRANTED, rule.isAllowed(new TestResource("/path/"), + new ReadOperation(), user)); + + // path does not match. + assertEquals(UNDECIDED, rule.isAllowed(new TestResource("/path"), + new ReadOperation(), user)); + + // operation does not match. + assertEquals(UNDECIDED, rule.isAllowed(new TestResource("/path/"), + new WriteOperation(), user)); + + // group does not match. + AuthorizationRule rule2 = new TestAuthorizationRule(GRANTED, "users2", + "/path/", ReadOperation.class); + rule2.setUserAdministration(userAccessor.getUserAdmin()); + assertEquals(UNDECIDED, rule2.isAllowed(new TestResource("/path/a"), + new ReadOperation(), user)); + } +}