16 package org.acegisecurity.taglibs.authz;
17
18 import junit.framework.TestCase;
19
20 import org.acegisecurity.GrantedAuthority;
21 import org.acegisecurity.GrantedAuthorityImpl;
22
23 import org.acegisecurity.context.SecurityContextHolder;
24
25 import org.acegisecurity.providers.TestingAuthenticationToken;
26
27 import javax.servlet.jsp.JspException;
28 import javax.servlet.jsp.tagext.Tag;
29
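/**
 * Tests for {@link AuthorizeTag}, the JSP tag that conditionally renders its body
 * depending on the authorities held by the current principal.
 *
 * <p>Every test works against the thread-local {@link SecurityContextHolder}: {@link #setUp()}
 * installs a principal holding {@code ROLE SUPERVISOR} and {@code ROLE_TELLER}, and
 * {@link #tearDown()} always clears the context again so that no test can leak a principal
 * into the next one (or into another test class running on the same thread).
 *
 * <p>The security-relevant property exercised here is that the tag fails closed: with no
 * principal, a principal without authorities, or a principal lacking a required authority,
 * {@link AuthorizeTag#doStartTag()} must return {@link Tag#SKIP_BODY} rather than render
 * the protected markup.
 */
public class AuthorizeTagTests extends TestCase {
    /** Fresh tag per test method (JUnit 3 instantiates a new fixture for each test). */
    private final AuthorizeTag authorizeTag = new AuthorizeTag();

    /** The principal installed by {@link #setUp()}. */
    private TestingAuthenticationToken currentUser;

    /**
     * Installs a test principal with {@code ROLE SUPERVISOR} and {@code ROLE_TELLER} in the
     * thread-local security context.
     *
     * <p>NOTE(review): the first authority name deliberately contains a space rather than an
     * underscore; what matters for these tests is only that the value here and the values
     * passed to {@code setIfAllGranted} below agree byte-for-byte.
     */
    protected void setUp() throws Exception {
        super.setUp();

        currentUser = new TestingAuthenticationToken("abc", "123",
                new GrantedAuthority[] {
                    new GrantedAuthorityImpl("ROLE SUPERVISOR"), new GrantedAuthorityImpl("ROLE_TELLER"),
                });

        SecurityContextHolder.getContext().setAuthentication(currentUser);
    }

    /**
     * Scrubs the thread-local security context so a principal set by this test can never
     * survive into a later test, then lets the superclass finish its own cleanup.
     */
    protected void tearDown() throws Exception {
        SecurityContextHolder.clearContext();
        super.tearDown();
    }

    /** A context that exists but carries no {@code Authentication} must not render the body. */
    public void testAlwaysReturnsUnauthorizedIfNoUserFound()
        throws JspException {
        SecurityContextHolder.getContext().setAuthentication(null);

        authorizeTag.setIfAllGranted("ROLE_TELLER");
        assertEquals("prevents request - no principal in Context", Tag.SKIP_BODY, authorizeTag.doStartTag());
    }

    /**
     * With none of {@code ifAllGranted}, {@code ifAnyGranted} or {@code ifNotGranted}
     * configured, the tag's attributes default to the empty string and the body is skipped:
     * an unconfigured tag must not silently expose its content.
     */
    public void testDefaultsToNotOutputtingBodyWhenNoRequiredAuthorities()
        throws JspException {
        assertEquals("", authorizeTag.getIfAllGranted());
        assertEquals("", authorizeTag.getIfAnyGranted());
        assertEquals("", authorizeTag.getIfNotGranted());

        assertEquals("prevents body output - no authorities granted", Tag.SKIP_BODY, authorizeTag.doStartTag());
    }

    /** {@code ifAnyGranted} is satisfied when at least one listed authority is held. */
    public void testOutputsBodyIfOneRolePresent() throws JspException {
        authorizeTag.setIfAnyGranted("ROLE_TELLER");
        assertEquals("authorized - ROLE_TELLER in both sets", Tag.EVAL_BODY_INCLUDE, authorizeTag.doStartTag());
    }

    /** {@code ifAllGranted} is satisfied when every listed authority is held. */
    public void testOutputsBodyWhenAllGranted() throws JspException {
        authorizeTag.setIfAllGranted("ROLE SUPERVISOR,ROLE_TELLER");
        assertEquals("allows request - all required roles granted on principal", Tag.EVAL_BODY_INCLUDE,
            authorizeTag.doStartTag());
    }

    /** {@code ifNotGranted} is satisfied when none of the listed authorities is held. */
    public void testOutputsBodyWhenNotGrantedSatisfied()
        throws JspException {
        authorizeTag.setIfNotGranted("ROLE_BANKER");
        assertEquals("allows request - principal doesn't have ROLE_BANKER", Tag.EVAL_BODY_INCLUDE,
            authorizeTag.doStartTag());
    }

    /**
     * The thread-local context is cleared entirely (not merely given a null
     * {@code Authentication}, which {@link #testAlwaysReturnsUnauthorizedIfNoUserFound()}
     * already covers), so this test matches its name: with no context populated at all the
     * tag must still fail closed.
     */
    public void testPreventsBodyOutputIfNoSecurityContext()
        throws JspException {
        SecurityContextHolder.clearContext();
        authorizeTag.setIfAnyGranted("ROLE_BANKER");

        assertEquals("prevents output - no context defined", Tag.SKIP_BODY, authorizeTag.doStartTag());
    }

    /** {@code ifAnyGranted} fails when the principal holds none of the listed authorities. */
    public void testSkipsBodyIfNoAnyRolePresent() throws JspException {
        authorizeTag.setIfAnyGranted("ROLE_BANKER");
        assertEquals("unauthorized - ROLE_BANKER not in granted authorities", Tag.SKIP_BODY, authorizeTag.doStartTag());
    }

    /**
     * An authenticated principal that holds no authorities at all must not satisfy
     * {@code ifAnyGranted}; an empty authority list is treated like a missing one.
     */
    public void testSkipsBodyWhenPrincipalHasNoAuthorities()
        throws JspException {
        SecurityContextHolder.getContext().setAuthentication(
            new TestingAuthenticationToken("abc", "123", new GrantedAuthority[0]));
        authorizeTag.setIfAnyGranted("ROLE_TELLER");

        assertEquals("prevents request - principal holds no authorities", Tag.SKIP_BODY, authorizeTag.doStartTag());
    }

    /** {@code ifAllGranted} fails when even one listed authority is missing. */
    public void testSkipsBodyWhenMissingAnAllGranted()
        throws JspException {
        authorizeTag.setIfAllGranted("ROLE SUPERVISOR,ROLE_TELLER,ROLE_BANKER");
        assertEquals("prevents request - missing ROLE_BANKER on principal", Tag.SKIP_BODY, authorizeTag.doStartTag());
    }

    /** {@code ifNotGranted} fails when the principal holds one of the listed authorities. */
    public void testSkipsBodyWhenNotGrantedUnsatisfied()
        throws JspException {
        authorizeTag.setIfNotGranted("ROLE_TELLER");
        assertEquals("prevents request - principal has ROLE_TELLER", Tag.SKIP_BODY, authorizeTag.doStartTag());
    }
}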