001: /*
002: * Copyright 2005-2007 The Kuali Foundation.
003: *
004: * Licensed under the Educational Community License, Version 1.0 (the "License");
005: * you may not use this file except in compliance with the License.
006: * You may obtain a copy of the License at
007: *
008: * http://www.opensource.org/licenses/ecl1.php
009: *
010: * Unless required by applicable law or agreed to in writing, software
011: * distributed under the License is distributed on an "AS IS" BASIS,
012: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013: * See the License for the specific language governing permissions and
014: * limitations under the License.
015: */
016: package org.kuali.core.authorization;
017:
018: import java.util.Arrays;
019:
020: import org.junit.Test;
021: import org.kuali.core.bo.user.AuthenticationUserId;
022: import org.kuali.core.bo.user.KualiGroup;
023: import org.kuali.core.bo.user.UniversalUser;
024: import org.kuali.core.exceptions.GroupNotFoundException;
025: import org.kuali.core.exceptions.UserNotFoundException;
026: import org.kuali.rice.KNSServiceLocator;
027: import org.kuali.test.KNSTestBase;
028: import org.kuali.test.KNSWithTestSpringContext;
029:
030: @KNSWithTestSpringContext
031: public class AuthorizationStoreTest extends KNSTestBase {
032: private static final String NAME_OF_WORKGROUP_WITH_NO_MEMBERS = "KUALI_PED";
033: private static final String LEGIT_WORKGROUP_NAME_1 = "KUALI_OPERATIONS";
034: private static final String LEGIT_WORKGROUP_NAME_2 = "KUALI_ROLE_MAINTENANCE";
035:
036: private static final String NAME_OF_USER_THAT_BELONGS_TO_NO_WORKGROUPS = "quickstart";
037: private static final String NAME_OF_USER_THAT_BELONGS_TO_LEGIT_WORKGROUP_NAME_1 = "user4";
038: private static final String NAME_OF_USER_THAT_BELONGS_TO_LEGIT_WORKGROUP_NAME_2 = "fred";
039: private static final String NAME_OF_USER_THAT_BELONGS_TO_LEGIT_WORKGROUPS_1_AND_2 = "fran";
040:
041: private static final String ACTION1 = "action1";
042: private static final String ACTION2 = "action2";
043:
044: private static final String TARGETTYPE1 = "target1";
045: private static final String TARGETTYPE2 = "target2";
046:
047: KualiGroup workgroupWithNoMembers;
048: KualiGroup legitWorkgroupOne;
049: KualiGroup legitWorkgroupTwo;
050:
051: UniversalUser userThatBelongsToNoWorkgroups;
052: UniversalUser userThatBelongsToLegitWorkgroupOne;
053: UniversalUser userThatBelongsToLegitWorkgroupTwo;
054: UniversalUser userThatBelongsToAllWorkgroups;
055:
056: AuthorizationStore authorizationStore;
057:
058: @Override
059: public void setUp() throws Exception {
060: super .setUp();
061:
062: authorizationStore = new AuthorizationStore();
063:
064: workgroupWithNoMembers = buildGroup(NAME_OF_WORKGROUP_WITH_NO_MEMBERS);
065: legitWorkgroupOne = buildGroup(LEGIT_WORKGROUP_NAME_1);
066: legitWorkgroupTwo = buildGroup(LEGIT_WORKGROUP_NAME_2);
067:
068: userThatBelongsToNoWorkgroups = buildUser(
069: NAME_OF_USER_THAT_BELONGS_TO_NO_WORKGROUPS,
070: new KualiGroup[] {});
071: userThatBelongsToLegitWorkgroupOne = buildUser(
072: NAME_OF_USER_THAT_BELONGS_TO_LEGIT_WORKGROUP_NAME_1,
073: new KualiGroup[] { legitWorkgroupOne });
074: userThatBelongsToLegitWorkgroupTwo = buildUser(
075: NAME_OF_USER_THAT_BELONGS_TO_LEGIT_WORKGROUP_NAME_2,
076: new KualiGroup[] { legitWorkgroupTwo });
077: userThatBelongsToAllWorkgroups = buildUser(
078: NAME_OF_USER_THAT_BELONGS_TO_LEGIT_WORKGROUPS_1_AND_2,
079: new KualiGroup[] { legitWorkgroupOne, legitWorkgroupTwo });
080: }
081:
082: @Test
083: public final void testAddAuthorization_emptyGroupName() {
084: boolean failedAsExpected = false;
085:
086: try {
087: authorizationStore.addAuthorization(null, ACTION1,
088: TARGETTYPE1);
089: } catch (IllegalArgumentException e) {
090: failedAsExpected = true;
091: }
092:
093: assertTrue(failedAsExpected);
094: }
095:
096: @Test
097: public final void testAddAuthorization_emptyAction() {
098: boolean failedAsExpected = false;
099:
100: try {
101: authorizationStore.addAuthorization(LEGIT_WORKGROUP_NAME_1,
102: "", TARGETTYPE1);
103: } catch (IllegalArgumentException e) {
104: failedAsExpected = true;
105: }
106:
107: assertTrue(failedAsExpected);
108: }
109:
110: @Test
111: public final void testAddAuthorization_emptyTargetType() {
112: boolean failedAsExpected = false;
113:
114: try {
115: authorizationStore.addAuthorization(LEGIT_WORKGROUP_NAME_1,
116: ACTION1, " ");
117: } catch (IllegalArgumentException e) {
118: failedAsExpected = true;
119: }
120:
121: assertTrue(failedAsExpected);
122: }
123:
124: @Test
125: public final void testAddAuthorization() {
126: authorizationStore.addAuthorization(LEGIT_WORKGROUP_NAME_1,
127: ACTION1, TARGETTYPE1);
128: assertTrue(authorizationStore.isAuthorized(
129: userThatBelongsToLegitWorkgroupOne, ACTION1,
130: TARGETTYPE1));
131: }
132:
133: @Test
134: public final void testIsAuthorized_nullUser() {
135: boolean failedAsExpected = false;
136:
137: try {
138: authorizationStore.isAuthorized(null, ACTION1, TARGETTYPE1);
139: } catch (IllegalArgumentException e) {
140: failedAsExpected = true;
141: }
142:
143: assertTrue(failedAsExpected);
144: }
145:
146: @Test
147: public final void testIsAuthorized_blankAction() {
148: boolean failedAsExpected = false;
149:
150: try {
151: authorizationStore.isAuthorized(
152: userThatBelongsToLegitWorkgroupOne, " ",
153: TARGETTYPE1);
154: } catch (IllegalArgumentException e) {
155: failedAsExpected = true;
156: }
157:
158: assertTrue(failedAsExpected);
159: }
160:
161: @Test
162: public final void testIsAuthorized_nullTarget() {
163: boolean failedAsExpected = false;
164:
165: try {
166: authorizationStore.isAuthorized(
167: userThatBelongsToLegitWorkgroupOne, ACTION1, null);
168: } catch (IllegalArgumentException e) {
169: failedAsExpected = true;
170: }
171:
172: assertTrue(failedAsExpected);
173: }
174:
175: @Test
176: public final void testIsAuthorized_noAuthorizations() {
177: assertFalse(authorizationStore.isAuthorized(
178: userThatBelongsToNoWorkgroups, ACTION1, TARGETTYPE1));
179: }
180:
181: @Test
182: public final void testIsAuthorized_unauthorizedGroup() {
183: authorizationStore.addAuthorization(LEGIT_WORKGROUP_NAME_1,
184: ACTION1, TARGETTYPE1);
185:
186: assertFalse(authorizationStore.isAuthorized(
187: userThatBelongsToLegitWorkgroupTwo, ACTION1,
188: TARGETTYPE1));
189: }
190:
191: @Test
192: public final void testIsAuthorized_authorizedGroup_wrongAction() {
193: authorizationStore.addAuthorization(LEGIT_WORKGROUP_NAME_1,
194: ACTION1, TARGETTYPE1);
195:
196: assertFalse(authorizationStore.isAuthorized(
197: userThatBelongsToLegitWorkgroupOne, ACTION2,
198: TARGETTYPE1));
199: }
200:
201: @Test
202: public final void testIsAuthorized_authorizedGroup_wrongTarget() {
203: authorizationStore.addAuthorization(LEGIT_WORKGROUP_NAME_1,
204: ACTION1, TARGETTYPE1);
205:
206: assertFalse(authorizationStore.isAuthorized(
207: userThatBelongsToLegitWorkgroupOne, ACTION1,
208: TARGETTYPE2));
209: }
210:
211: @Test
212: public final void testIsAuthorized_singleGroupAuth_singleGroupUser() {
213: authorizationStore.addAuthorization(LEGIT_WORKGROUP_NAME_1,
214: ACTION1, TARGETTYPE1);
215:
216: assertTrue(authorizationStore.isAuthorized(
217: userThatBelongsToLegitWorkgroupOne, ACTION1,
218: TARGETTYPE1));
219: }
220:
221: @Test
222: public final void testIsAuthorized_multiGroupAuth_singleGroupUser() {
223: authorizationStore.addAuthorization(LEGIT_WORKGROUP_NAME_1,
224: ACTION1, TARGETTYPE1);
225: authorizationStore.addAuthorization(LEGIT_WORKGROUP_NAME_2,
226: ACTION1, TARGETTYPE1);
227:
228: assertFalse(authorizationStore.isAuthorized(
229: userThatBelongsToLegitWorkgroupOne, ACTION1,
230: TARGETTYPE1));
231: }
232:
233: @Test
234: public final void testIsAuthorized_singleGroupAuth_multiGroupUser() {
235: authorizationStore.addAuthorization(LEGIT_WORKGROUP_NAME_1,
236: ACTION1, TARGETTYPE1);
237:
238: assertTrue(authorizationStore.isAuthorized(
239: userThatBelongsToAllWorkgroups, ACTION1, TARGETTYPE1));
240: }
241:
242: @Test
243: public final void testIsAuthorized_multiGroupAuth_multiGroupUser() {
244: authorizationStore.addAuthorization(LEGIT_WORKGROUP_NAME_1,
245: ACTION1, TARGETTYPE1);
246: authorizationStore.addAuthorization(LEGIT_WORKGROUP_NAME_2,
247: ACTION1, TARGETTYPE1);
248:
249: assertTrue(authorizationStore.isAuthorized(
250: userThatBelongsToAllWorkgroups, ACTION1, TARGETTYPE1));
251: }
252:
253: private KualiGroup buildGroup(String groupName)
254: throws GroupNotFoundException {
255: KualiGroup group = KNSServiceLocator.getKualiGroupService()
256: .getByGroupName(groupName);
257: if (null == group) {
258: return group;
259: }
260: group.setGroupName(groupName);
261: return group;
262: }
263:
264: private UniversalUser buildUser(String userName, KualiGroup[] groups)
265: throws UserNotFoundException {
266: UniversalUser user = KNSServiceLocator
267: .getUniversalUserService().getUniversalUser(
268: new AuthenticationUserId(userName));
269: if (null == user) {
270: return user;
271: }
272: user.setGroups(Arrays.asList(groups));
273: return user;
274: }
275: }
|