1   /* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
2    *
3    * Licensed under the Apache License, Version 2.0 (the "License");
4    * you may not use this file except in compliance with the License.
5    * You may obtain a copy of the License at
6    *
7    *     http://www.apache.org/licenses/LICENSE-2.0
8    *
9    * Unless required by applicable law or agreed to in writing, software
10   * distributed under the License is distributed on an "AS IS" BASIS,
11   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12   * See the License for the specific language governing permissions and
13   * limitations under the License.
14   */
15  
16  package org.acegisecurity.taglibs.velocity;
17  
18  import junit.framework.TestCase;
19  
20  import org.acegisecurity.Authentication;
21  import org.acegisecurity.GrantedAuthority;
22  import org.acegisecurity.MockAclManager;
23  
24  import org.acegisecurity.acl.AclEntry;
25  import org.acegisecurity.acl.AclManager;
26  import org.acegisecurity.acl.basic.MockAclObjectIdentity;
27  import org.acegisecurity.acl.basic.SimpleAclEntry;
28  
29  import org.acegisecurity.context.SecurityContextHolder;
30  
31  import org.acegisecurity.providers.TestingAuthenticationToken;
32  
33  import org.acegisecurity.userdetails.User;
34  
35  import org.springframework.context.ConfigurableApplicationContext;
36  import org.springframework.context.support.StaticApplicationContext;
37  
38  
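/**
 * Unit tests for {@link AuthzImpl}, covering <code>hasPermission(Object, String)</code> and
 * <code>getPrincipal()</code>.
 *
 * <p>Each test runs against a {@link StaticApplicationContext} in which a {@link MockAclManager} is registered
 * under the bean name <code>aclManager</code>. The authentication held by {@link SecurityContextHolder} is
 * cleared in {@link #tearDown()}, so a failing test cannot leave a principal behind for the next one.</p>
 */
public class AuthzImplTest extends TestCase {
    //~ Instance fields ================================================================================================

    private Authz authz = new AuthzImpl();
    private ConfigurableApplicationContext ctx;

    //~ Methods ========================================================================================================

    /**
     * Builds the application context and registers the mock ACL manager used by the permission tests.
     *
     * @throws Exception if the superclass set-up fails
     */
    protected void setUp() throws Exception {
        super.setUp();

        ctx = new StaticApplicationContext();

        // Presumably: ACL entries for domain object "object1" as seen by principal "marissa"
        // (semantics of the MockAclManager arguments are not visible here; confirm against that class).
        AclManager aclManager = new MockAclManager("object1", "marissa",
                new AclEntry[] {
                    new MockAclEntry(),
                    new SimpleAclEntry("marissa", new MockAclObjectIdentity(), null, SimpleAclEntry.ADMINISTRATION),
                    new SimpleAclEntry("marissa", new MockAclObjectIdentity(), null, SimpleAclEntry.READ)
                });

        // Register the AclManager into our ApplicationContext
        ctx.getBeanFactory().registerSingleton("aclManager", aclManager);
    }

    /**
     * Clears the authentication after every test, including tests that fail part-way through, so that no
     * principal leaks into a later test through the shared security context.
     *
     * @throws Exception if the superclass tear-down fails
     */
    protected void tearDown() throws Exception {
        SecurityContextHolder.getContext().setAuthentication(null);
        super.tearDown();
    }

    /**
     * Installs a {@link TestingAuthenticationToken} with no granted authorities as the current authentication.
     *
     * @param principal the principal to authenticate as (may be <code>null</code>)
     * @param credentials the credentials to store in the token
     */
    private void authenticateAs(Object principal, String credentials) {
        Authentication auth = new TestingAuthenticationToken(principal, credentials, new GrantedAuthority[] {});
        SecurityContextHolder.getContext().setAuthentication(auth);
    }

    /**
     * A permission list containing whitespace must be rejected with an {@link IllegalArgumentException}.
     */
    public void testIllegalArgumentExceptionThrownIfHasPermissionNotValidFormat() {
        authenticateAs("john", "crow");
        authz.setAppCtx(ctx);

        String permissions = "0,5, 6"; // shouldn't be any space

        try {
            authz.hasPermission(null, permissions);
            // Without this the test passes even when the malformed list is silently accepted.
            fail("Expected IllegalArgumentException for malformed permission list '" + permissions + "'");
        } catch (IllegalArgumentException expected) {
            // expected: malformed permission strings must not be evaluated
        }
    }

    /**
     * Access is denied for a domain object other than the one the mock ACL manager was built with.
     */
    public void testInclusionDeniedWhenAclManagerUnawareOfObject() {
        authenticateAs("marissa", "koala");
        authz.setAppCtx(ctx);

        assertFalse(authz.hasPermission(new Integer(54), String.valueOf(SimpleAclEntry.ADMINISTRATION)));
    }

    /**
     * Access is denied when the permission list is <code>null</code>.
     */
    public void testInclusionDeniedWhenNoListOfPermissionsGiven() {
        authenticateAs("marissa", "koala");
        authz.setAppCtx(ctx);

        assertFalse(authz.hasPermission("object1", null));
    }

    /**
     * Access is denied for principal "john", for whom the fixture configures no ACL entries.
     */
    public void testInclusionDeniedWhenPrincipalDoesNotHoldAnyPermissions() {
        authenticateAs("john", "crow");
        authz.setAppCtx(ctx);

        String permissions = SimpleAclEntry.ADMINISTRATION + "," + SimpleAclEntry.READ;

        assertFalse(authz.hasPermission("object1", permissions));
    }

    /**
     * Access is denied when only DELETE is requested, a permission not among the fixture's entries.
     */
    public void testInclusionDeniedWhenPrincipalDoesNotHoldRequiredPermissions() {
        authenticateAs("marissa", "koala");
        authz.setAppCtx(ctx);

        assertFalse(authz.hasPermission("object1", String.valueOf(SimpleAclEntry.DELETE)));
    }

    /**
     * Access is denied when no authentication is present in the security context.
     */
    public void testInclusionDeniedWhenSecurityContextEmpty() {
        SecurityContextHolder.getContext().setAuthentication(null);
        authz.setAppCtx(ctx);

        assertFalse(authz.hasPermission("object1", String.valueOf(SimpleAclEntry.ADMINISTRATION)));
    }

    /**
     * Pins the behaviour that a <code>null</code> domain object is reported as permitted.
     *
     * <p>No authentication is installed by this test, so the assertion shows <code>hasPermission</code>
     * returning <code>true</code> for a <code>null</code> object without any principal being set here.
     * Templates that gate content on this call should therefore make sure the object they pass is not
     * unexpectedly <code>null</code>, because the check does not deny in that case.</p>
     */
    public void testInclusionPermittedWhenDomainObjectIsNull() {
        authz.setAppCtx(ctx);

        assertTrue(authz.hasPermission(null, String.valueOf(SimpleAclEntry.READ)));
    }

    /**
     * Access is granted when a comma-separated list of permissions is requested and the fixture holds
     * entries for them.
     */
    public void testOperationWhenPrincipalHoldsPermissionOfMultipleList() {
        authenticateAs("marissa", "koala");
        authz.setAppCtx(ctx);

        String permissions = SimpleAclEntry.ADMINISTRATION + "," + SimpleAclEntry.READ;

        assertTrue(authz.hasPermission("object1", permissions));
    }

    /**
     * Access is granted when a single permission is requested and the fixture holds an entry for it.
     */
    public void testOperationWhenPrincipalHoldsPermissionOfSingleList() {
        authenticateAs("marissa", "koala");
        authz.setAppCtx(ctx);

        assertTrue(authz.hasPermission("object1", String.valueOf(SimpleAclEntry.READ)));
    }

    /**
     * <code>getPrincipal()</code> returns the principal as-is when the token's principal is a String.
     */
    public void testOperationWhenPrincipalIsAString() {
        authenticateAs("marissaAsString", "koala");

        assertEquals("marissaAsString", authz.getPrincipal());
    }

    /**
     * <code>getPrincipal()</code> returns the username when the token's principal is a {@link User}.
     */
    public void testOperationWhenPrincipalIsAUserDetailsInstance() {
        User userDetails = new User("marissaUserDetails", "koala", true, true, true, true,
                new GrantedAuthority[] {});
        authenticateAs(userDetails, "koala");

        assertEquals("marissaUserDetails", authz.getPrincipal());
    }

    /**
     * <code>getPrincipal()</code> returns <code>null</code> when the token carries a <code>null</code> principal.
     */
    public void testOperationWhenPrincipalIsNull() {
        authenticateAs(null, "koala");

        assertNull(authz.getPrincipal());
    }

    /**
     * <code>getPrincipal()</code> returns <code>null</code> when no authentication is present.
     */
    public void testOperationWhenSecurityContextIsNull() {
        SecurityContextHolder.getContext().setAuthentication(null);

        assertNull(authz.getPrincipal());
    }

    //~ Inner Classes ==================================================================================================

    /**
     * Empty {@link AclEntry} implementation, present so the fixture contains an entry type other than
     * {@link SimpleAclEntry}. Declared static so it carries no hidden reference to the enclosing test case.
     */
    private static class MockAclEntry implements AclEntry {
        private static final long serialVersionUID = 1L;
    }
}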