001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017: package org.apache.wicket.authorization.strategies.role.annotations;
018:
019: import java.io.Serializable;
020: import java.lang.reflect.InvocationTargetException;
021:
022: import org.apache.wicket.Component;
023: import org.apache.wicket.Page;
024: import org.apache.wicket.authorization.IUnauthorizedComponentInstantiationListener;
025: import org.apache.wicket.authorization.UnauthorizedInstantiationException;
026: import org.apache.wicket.authorization.strategies.role.IRoleCheckingStrategy;
027: import org.apache.wicket.authorization.strategies.role.RoleAuthorizationStrategy;
028: import org.apache.wicket.authorization.strategies.role.Roles;
029: import org.apache.wicket.util.tester.ITestPageSource;
030: import org.apache.wicket.util.tester.WicketTester;
031:
032: import junit.framework.TestCase;
033:
034: /**
035: * Test the annotations package of the auth-roles project.
036: *
037: * @author Eelco Hillenius
038: */
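public class AnnotationsRoleTest extends TestCase {
    /** Tester built in {@link #setUp()} and released in {@link #tearDown()}. */
    WicketTester tester;

    /**
     * Construct.
     */
    public AnnotationsRoleTest() {
        super();
    }

    /**
     * Construct.
     *
     * @param arg0
     *            the test name handed to {@link TestCase}
     */
    public AnnotationsRoleTest(String arg0) {
        super(arg0);
    }

    /**
     * Creates the tester each test method works on.
     */
    @Override
    protected void setUp() throws Exception {
        tester = new WicketTester();
    }

    /**
     * Releases the tester created in {@link #setUp()}.
     */
    @Override
    protected void tearDown() throws Exception {
        tester.destroy();
    }

    /**
     * Starts {@code NormalPage} for a user whose only role is FOO and expects
     * it to render.
     *
     * @throws Exception
     */
    public void testClear() throws Exception {
        tester.getApplication().getSecuritySettings().setAuthorizationStrategy(
                new RoleAuthorizationStrategy(new UserRolesAuthorizer("FOO")));
        tester.startPage(new ITestPageSource() {
            private static final long serialVersionUID = 1L;

            public Page getTestPage() {
                return new NormalPage();
            }
        });
        tester.assertRenderedPage(NormalPage.class);
    }

    /**
     * Starts {@code AdminPage} for a user holding the ADMIN role and expects
     * it to render.
     *
     * @throws Exception
     */
    public void testAuthorized() throws Exception {
        // Uses the tester from setUp(). A second, method-local WicketTester
        // would shadow the field and never be destroyed by tearDown().
        tester.getApplication().getSecuritySettings().setAuthorizationStrategy(
                new RoleAuthorizationStrategy(new UserRolesAuthorizer("ADMIN")));
        tester.startPage(new ITestPageSource() {
            private static final long serialVersionUID = 1L;

            public Page getTestPage() {
                return new AdminPage();
            }
        });
        tester.assertRenderedPage(AdminPage.class);
    }

    /**
     * Starts {@code AdminPage} for a user holding only the USER role and
     * expects the denial to be signalled, either through the registered
     * unauthorized-instantiation listener or as a wrapped
     * {@link UnauthorizedInstantiationException}.
     *
     * @throws Exception
     *             any failure that is not the expected authorization denial
     */
    public void testNotAuthorized() throws Exception {
        // Uses the tester from setUp(); see testAuthorized() for why no
        // method-local tester is created here.
        tester.getApplication().getSecuritySettings().setAuthorizationStrategy(
                new RoleAuthorizationStrategy(new UserRolesAuthorizer("USER")));

        // NOTE(review): this listener only records the event and does not
        // throw, so the listener branch below proves that the denial was
        // reported, not that AdminPage was withheld from the user. Confirm
        // that enforcement (a listener that throws or redirects) is covered
        // by another test.
        final class Listener implements IUnauthorizedComponentInstantiationListener {
            private boolean eventReceived = false;

            public void onUnauthorizedInstantiation(Component component) {
                eventReceived = true;
            }
        }
        Listener listener = new Listener();
        tester.getApplication().getSecuritySettings()
                .setUnauthorizedComponentInstantiationListener(listener);

        try {
            tester.startPage(new ITestPageSource() {
                private static final long serialVersionUID = 1L;

                public Page getTestPage() {
                    return new AdminPage();
                }
            });
            assertTrue("an authorization exception event should have been received",
                    listener.eventReceived);
        } catch (Exception e) {
            // Accept the failure only when it is the denial itself: an
            // InvocationTargetException whose target is an
            // UnauthorizedInstantiationException. Anything else is a real
            // error and must fail the test.
            Throwable cause = e.getCause();
            boolean deniedByAuthorization = cause instanceof InvocationTargetException
                    && ((InvocationTargetException) cause).getTargetException()
                            instanceof UnauthorizedInstantiationException;
            if (!deniedByAuthorization) {
                throw e;
            }
        }
    }

    /**
     * Role-checking strategy for the tests: it stands in for the current user
     * and answers role checks from a fixed set of roles given at construction.
     */
    private static final class UserRolesAuthorizer implements IRoleCheckingStrategy, Serializable {
        private static final long serialVersionUID = 1L;

        /** Roles the simulated user holds. */
        private final Roles roles;

        /**
         * Construct.
         *
         * @param roles
         *            role string handed to {@link Roles#Roles(String)}
         */
        public UserRolesAuthorizer(String roles) {
            this.roles = new Roles(roles);
        }

        /**
         * Reports whether the simulated user holds at least one of the given
         * roles, by delegating to the stored {@link Roles}.
         *
         * @see org.apache.wicket.authorization.strategies.role.IRoleCheckingStrategy#hasAnyRole(Roles)
         */
        public boolean hasAnyRole(Roles roles) {
            return this.roles.hasAnyRole(roles);
        }
    }
}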