1   /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
2    *
3    * Licensed under the Apache License, Version 2.0 (the "License");
4    * you may not use this file except in compliance with the License.
5    * You may obtain a copy of the License at
6    *
7    *     http://www.apache.org/licenses/LICENSE-2.0
8    *
9    * Unless required by applicable law or agreed to in writing, software
10   * distributed under the License is distributed on an "AS IS" BASIS,
11   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12   * See the License for the specific language governing permissions and
13   * limitations under the License.
14   */
15  
16  package org.acegisecurity.taglibs.authz;
17  
18  import junit.framework.TestCase;
19  
20  import org.acegisecurity.GrantedAuthority;
21  import org.acegisecurity.GrantedAuthorityImpl;
22  
23  import org.acegisecurity.context.SecurityContextHolder;
24  
25  import org.acegisecurity.providers.TestingAuthenticationToken;
26  
27  import org.springframework.mock.web.MockPageContext;
28  
29  import javax.servlet.jsp.JspException;
30  import javax.servlet.jsp.tagext.Tag;
31  
32  
33  /**
34   * Test case to implement commons-el expression language expansion.
35   */
36  public class AuthorizeTagExpressionLanguageTests extends TestCase {
37      //~ Instance fields ================================================================================================
38  
39      private final AuthorizeTag authorizeTag = new AuthorizeTag();
40      private MockPageContext pageContext;
41      private TestingAuthenticationToken currentUser;
42  
43      //~ Methods ========================================================================================================
44  
45      protected void setUp() throws Exception {
46          super.setUp();
47  
48          pageContext = new MockPageContext();
49          authorizeTag.setPageContext(pageContext);
50  
51          currentUser = new TestingAuthenticationToken("abc", "123",
52                  new GrantedAuthority[] {new GrantedAuthorityImpl("ROLE_TELLER"),});
53  
54          SecurityContextHolder.getContext().setAuthentication(currentUser);
55      }
56  
57      protected void tearDown() throws Exception {
58          SecurityContextHolder.clearContext();
59      }
60  
61      public void testAllGrantedUsesExpressionLanguageWhenExpressionIsEL()
62          throws JspException {
63          pageContext.setAttribute("authority", "ROLE_TELLER");
64          authorizeTag.setIfAllGranted("${authority}");
65  
66          assertEquals("allows body - authority var contains ROLE_TELLER", Tag.EVAL_BODY_INCLUDE,
67              authorizeTag.doStartTag());
68      }
69  
70      public void testAnyGrantedUsesExpressionLanguageWhenExpressionIsEL()
71          throws JspException {
72          pageContext.setAttribute("authority", "ROLE_TELLER");
73          authorizeTag.setIfAnyGranted("${authority}");
74  
75          assertEquals("allows body - authority var contains ROLE_TELLER", Tag.EVAL_BODY_INCLUDE,
76              authorizeTag.doStartTag());
77      }
78  
79      public void testNotGrantedUsesExpressionLanguageWhenExpressionIsEL()
80          throws JspException {
81          pageContext.setAttribute("authority", "ROLE_TELLER");
82          authorizeTag.setIfNotGranted("${authority}");
83  
84          assertEquals("allows body - authority var contains ROLE_TELLER", Tag.SKIP_BODY, authorizeTag.doStartTag());
85      }
86  }