001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017: package org.apache.jetspeed.audit;
018:
019: import java.sql.Connection;
020: import java.sql.PreparedStatement;
021: import java.sql.ResultSet;
022: import java.sql.SQLException;
023:
024: import junit.framework.Test;
025: import junit.framework.TestSuite;
026:
027: import org.apache.jetspeed.audit.impl.ActivityBean;
028: import org.apache.jetspeed.components.util.DatasourceEnabledSpringTestCase;
029:
030: /**
031: * Test Audit Activity
032: *
033: * @author <a href="mailto:taylor@apache.org">David Sean Taylor </a>
034: * @version $Id: $
035: */
036: public class TestAuditActivity extends DatasourceEnabledSpringTestCase {
037:
038: private AuditActivity audit = null;
039:
040: /*
041: * (non-Javadoc)
042: *
043: * @see junit.framework.TestCase#tearDown()
044: */
045: protected void tearDown() throws Exception {
046: ctx.close();
047: super .tearDown();
048: }
049:
050: /**
051: * Start the tests.
052: *
053: * @param args
054: * the arguments. Not used
055: */
056: public static void main(String args[]) {
057: junit.awtui.TestRunner
058: .main(new String[] { TestAuditActivity.class.getName() });
059:
060: }
061:
062: protected void setUp() throws Exception {
063: super .setUp();
064:
065: this .audit = (AuditActivity) ctx
066: .getBean("org.apache.jetspeed.audit.AuditActivity");
067: assertNotNull("audit activity service not found ", this .audit);
068: }
069:
070: public void clearDBs() {
071: try {
072: Connection con = audit.getDataSource().getConnection();
073:
074: PreparedStatement psmt = con
075: .prepareStatement("DELETE FROM ADMIN_ACTIVITY");
076: psmt.execute();
077: psmt.close();
078: psmt = con.prepareStatement("DELETE FROM USER_ACTIVITY");
079: psmt.execute();
080: psmt.close();
081: if (con != null)
082: con.close();
083: } catch (SQLException e) {
084: fail("problem with database connection:" + e.toString());
085: }
086: }
087:
088: public int count(String query) {
089: int val = -1;
090: try {
091: Connection con = audit.getDataSource().getConnection();
092:
093: PreparedStatement psmt = con.prepareStatement(query);
094: ResultSet rs = psmt.executeQuery();
095:
096: if (rs.next()) {
097: val = rs.getInt(1);
098: }
099: psmt.close();
100: if (con != null)
101: con.close();
102: } catch (SQLException e) {
103: fail("problem with database connection:" + e.toString());
104: }
105: return val;
106: }
107:
108: public int countAdminActivity() {
109: return count("SELECT count(*) from ADMIN_ACTIVITY");
110: }
111:
112: public int countUserActivity() {
113: return count("SELECT count(*) from USER_ACTIVITY");
114: }
115:
116: public static Test suite() {
117: // All methods starting with "test" will be executed in the test suite.
118: return new TestSuite(TestAuditActivity.class);
119: }
120:
121: public void testUserActivity() throws Exception {
122: assertNotNull("Audit Activity service is null", audit);
123: clearDBs();
124:
125: audit.setEnabled(true);
126: assertTrue(audit.getEnabled());
127:
128: // Log User Activity
129: audit.logUserActivity(USER, IP1,
130: AuditActivity.AUTHENTICATION_SUCCESS,
131: MSG_AUTHENTICATION_SUCCESS);
132: audit.logUserActivity(USER, IP1,
133: AuditActivity.AUTHENTICATION_FAILURE,
134: MSG_AUTHENTICATION_FAILURE);
135:
136: int userCount = this .countUserActivity();
137: assertEquals(userCount, 2);
138:
139: ActivityBean userBean = lookupUserActivity(USER_QUERY,
140: AuditActivity.AUTHENTICATION_SUCCESS);
141: assertEquals(userBean.getActivity(),
142: AuditActivity.AUTHENTICATION_SUCCESS);
143: assertEquals(userBean.getCategory(),
144: AuditActivity.CAT_USER_AUTHENTICATION);
145: assertEquals(userBean.getUserName(), USER);
146: assertNotNull(userBean.getTimestamp());
147: assertEquals(userBean.getIpAddress(), IP1);
148: assertEquals(userBean.getDescription(),
149: MSG_AUTHENTICATION_SUCCESS);
150:
151: userBean = lookupUserActivity(USER_QUERY,
152: AuditActivity.AUTHENTICATION_FAILURE);
153: assertEquals(userBean.getActivity(),
154: AuditActivity.AUTHENTICATION_FAILURE);
155: assertEquals(userBean.getCategory(),
156: AuditActivity.CAT_USER_AUTHENTICATION);
157: assertEquals(userBean.getUserName(), USER);
158: assertNotNull(userBean.getTimestamp());
159: assertEquals(userBean.getIpAddress(), IP1);
160: assertEquals(userBean.getDescription(),
161: MSG_AUTHENTICATION_FAILURE);
162:
163: // Test logging User Attribute activity
164: audit.logUserAttributeActivity(USER, IP1,
165: AuditActivity.USER_ADD_ATTRIBUTE, ATTRIBUTE_NAME_1,
166: ATTRIBUTE_VALUE_BEFORE_1, ATTRIBUTE_VALUE_AFTER_1,
167: MSG_ATTRIBUTE);
168:
169: userBean = lookupUserActivity(USER_QUERY,
170: AuditActivity.USER_ADD_ATTRIBUTE);
171: assertEquals(userBean.getActivity(),
172: AuditActivity.USER_ADD_ATTRIBUTE);
173: assertEquals(userBean.getCategory(),
174: AuditActivity.CAT_USER_ATTRIBUTE);
175: assertEquals(userBean.getUserName(), USER);
176: assertNotNull(userBean.getTimestamp());
177: assertEquals(userBean.getIpAddress(), IP1);
178: assertEquals(userBean.getDescription(), MSG_ATTRIBUTE);
179: assertEquals(userBean.getBeforeValue(),
180: ATTRIBUTE_VALUE_BEFORE_1);
181: assertEquals(userBean.getAfterValue(), ATTRIBUTE_VALUE_AFTER_1);
182:
183: // Log Admin Activity
184: audit.logAdminUserActivity(ADMIN_USER, IP1, USER,
185: AuditActivity.USER_CREATE, MSG_ADDING_USER);
186: audit.logAdminCredentialActivity(ADMIN_USER, IP1, USER,
187: AuditActivity.PASSWORD_CHANGE_SUCCESS, MSG_CHANGING_PW);
188: audit.logAdminAttributeActivity(ADMIN_USER, IP1, USER,
189: AuditActivity.USER_ADD_ATTRIBUTE, ATTRIBUTE_NAME_1,
190: ATTRIBUTE_VALUE_BEFORE_1, ATTRIBUTE_VALUE_AFTER_1,
191: MSG_ATTRIBUTE);
192:
193: int adminCount = this .countAdminActivity();
194: assertEquals(adminCount, 3);
195:
196: ActivityBean adminBean = lookupAdminActivity(ADMIN_QUERY,
197: AuditActivity.USER_CREATE);
198: assertEquals(adminBean.getActivity(), AuditActivity.USER_CREATE);
199: assertEquals(adminBean.getCategory(),
200: AuditActivity.CAT_ADMIN_USER_MAINTENANCE);
201: assertEquals(adminBean.getAdmin(), ADMIN_USER);
202: assertEquals(adminBean.getUserName(), USER);
203: assertNotNull(adminBean.getTimestamp());
204: assertEquals(adminBean.getIpAddress(), IP1);
205: assertEquals(adminBean.getDescription(), MSG_ADDING_USER);
206: assertTrue(adminBean.getName() == null
207: || adminBean.getName().equals(""));
208: assertTrue(adminBean.getBeforeValue() == null
209: || adminBean.getBeforeValue().equals(""));
210: assertTrue(adminBean.getAfterValue() == null
211: || adminBean.getAfterValue().equals(""));
212:
213: adminBean = lookupAdminActivity(ADMIN_QUERY,
214: AuditActivity.PASSWORD_CHANGE_SUCCESS);
215: assertEquals(adminBean.getActivity(),
216: AuditActivity.PASSWORD_CHANGE_SUCCESS);
217: assertEquals(adminBean.getCategory(),
218: AuditActivity.CAT_ADMIN_CREDENTIAL_MAINTENANCE);
219: assertEquals(adminBean.getAdmin(), ADMIN_USER);
220: assertEquals(adminBean.getUserName(), USER);
221: assertNotNull(adminBean.getTimestamp());
222: assertEquals(adminBean.getIpAddress(), IP1);
223: assertEquals(adminBean.getDescription(), MSG_CHANGING_PW);
224: assertTrue(adminBean.getName() == null
225: || adminBean.getName().equals(""));
226: assertTrue(adminBean.getBeforeValue() == null
227: || adminBean.getBeforeValue().equals(""));
228: assertTrue(adminBean.getAfterValue() == null
229: || adminBean.getAfterValue().equals(""));
230:
231: adminBean = lookupAdminActivity(ADMIN_QUERY,
232: AuditActivity.USER_ADD_ATTRIBUTE);
233: assertEquals(adminBean.getActivity(),
234: AuditActivity.USER_ADD_ATTRIBUTE);
235: assertEquals(adminBean.getCategory(),
236: AuditActivity.CAT_ADMIN_ATTRIBUTE_MAINTENANCE);
237: assertEquals(adminBean.getAdmin(), ADMIN_USER);
238: assertEquals(adminBean.getUserName(), USER);
239: assertNotNull(adminBean.getTimestamp());
240: assertEquals(adminBean.getIpAddress(), IP1);
241: assertEquals(adminBean.getDescription(), MSG_ATTRIBUTE);
242: assertEquals(adminBean.getName(), ATTRIBUTE_NAME_1);
243: assertEquals(adminBean.getBeforeValue(),
244: ATTRIBUTE_VALUE_BEFORE_1);
245: assertEquals(adminBean.getAfterValue(), ATTRIBUTE_VALUE_AFTER_1);
246:
247: audit.setEnabled(false);
248: assertFalse(audit.getEnabled());
249: audit.logAdminAttributeActivity(ADMIN_USER, IP1, USER,
250: AuditActivity.USER_ADD_ATTRIBUTE, ATTRIBUTE_NAME_1,
251: ATTRIBUTE_VALUE_BEFORE_1, ATTRIBUTE_VALUE_AFTER_1,
252: MSG_ATTRIBUTE);
253: adminCount = this .countAdminActivity();
254: assertEquals(adminCount, 3);
255: }
256:
257: private static String USER_QUERY = "SELECT * FROM USER_ACTIVITY WHERE ACTIVITY = ?";
258: private static String ADMIN_QUERY = "SELECT * FROM ADMIN_ACTIVITY WHERE ACTIVITY = ?";
259:
260: private static String MSG_AUTHENTICATION_SUCCESS = "logging on via Jetspeed Portal";
261: private static String MSG_AUTHENTICATION_FAILURE = "failure logging on via Jetspeed Portal";
262: private static String MSG_ADDING_USER = "adding new user";
263: private static String MSG_CHANGING_PW = "changing password";
264: private static String MSG_ATTRIBUTE = "Attribute added for user";
265:
266: private static String ADMIN_USER = "admin";
267: private static String USER = "nelson";
268: private static String IP1 = "123.234.145.156";
269: private static String ATTRIBUTE_NAME_1 = "attribute1";
270: private static String ATTRIBUTE_VALUE_BEFORE_1 = "value1BEFORE";
271: private static String ATTRIBUTE_VALUE_AFTER_1 = "value1AFTER";
272:
273: private ActivityBean lookupUserActivity(String query,
274: String keyActivity) throws SQLException {
275: Connection con = null;
276: PreparedStatement pstmt = null;
277: ResultSet rs = null;
278: try {
279: con = audit.getDataSource().getConnection();
280: pstmt = con.prepareStatement(query);
281: pstmt.setString(1, keyActivity);
282: rs = pstmt.executeQuery();
283: rs.next();
284: ActivityBean bean = new ActivityBean();
285: bean.setActivity(rs.getString(1));
286: bean.setCategory(rs.getString(2));
287: bean.setUserName(rs.getString(3));
288: bean.setTimestamp(rs.getTimestamp(4));
289: bean.setIpAddress(rs.getString(5));
290: bean.setName(rs.getString(6));
291: bean.setBeforeValue(rs.getString(7));
292: bean.setAfterValue(rs.getString(8));
293: bean.setDescription(rs.getString(9));
294: return bean;
295: } catch (SQLException e) {
296: throw e;
297: } finally {
298: if (pstmt != null) {
299: pstmt.close();
300: }
301: if (rs != null) {
302: rs.close();
303: }
304: if (con != null) {
305: try {
306: con.close();
307: } catch (SQLException ee) {
308: }
309: }
310: }
311: }
312:
313: private ActivityBean lookupAdminActivity(String query,
314: String keyActivity) throws SQLException {
315: Connection con = null;
316: PreparedStatement pstmt = null;
317: ResultSet rs = null;
318: try {
319: con = audit.getDataSource().getConnection();
320: pstmt = con.prepareStatement(query);
321: pstmt.setString(1, keyActivity);
322: rs = pstmt.executeQuery();
323: rs.next();
324: ActivityBean bean = new ActivityBean();
325: bean.setActivity(rs.getString(1));
326: bean.setCategory(rs.getString(2));
327: bean.setAdmin(rs.getString(3));
328: bean.setUserName(rs.getString(4));
329: bean.setTimestamp(rs.getTimestamp(5));
330: bean.setIpAddress(rs.getString(6));
331: bean.setName(rs.getString(7));
332: bean.setBeforeValue(rs.getString(8));
333: bean.setAfterValue(rs.getString(9));
334: bean.setDescription(rs.getString(10));
335: return bean;
336: } catch (SQLException e) {
337: throw e;
338: } finally {
339: if (pstmt != null) {
340: pstmt.close();
341: }
342: if (rs != null) {
343: rs.close();
344: }
345: if (con != null) {
346: try {
347: con.close();
348: } catch (SQLException ee) {
349: }
350: }
351: }
352: }
353:
354: protected String[] getConfigurations() {
355: return new String[] { "statistics.xml", "transaction.xml",
356: "boot/datasource.xml" };
357: }
358:
359: protected String[] getBootConfigurations() {
360: return new String[] { "boot/datasource.xml" };
361: }
362:
363: }
|