001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017: package org.apache.jetspeed.security;
018:
019: import java.security.AccessControlException;
020: import java.security.Permission;
021: import java.security.Permissions;
022: import java.security.Principal;
023: import java.util.ArrayList;
024: import java.util.Arrays;
025: import java.util.Collection;
026: import java.util.Collections;
027: import java.util.Comparator;
028: import java.util.Enumeration;
029: import java.util.HashSet;
030: import java.util.Set;
031: import java.util.Vector;
032:
033: import javax.security.auth.Subject;
034:
035: import junit.framework.Test;
036: import junit.framework.TestSuite;
037:
038: import org.apache.jetspeed.security.impl.GroupPrincipalImpl;
039: import org.apache.jetspeed.security.impl.PrincipalsSet;
040: import org.apache.jetspeed.security.impl.RolePrincipalImpl;
041: import org.apache.jetspeed.security.impl.UserPrincipalImpl;
042: import org.apache.jetspeed.security.util.test.AbstractSecurityTestcase;
043:
044: /**
045: * <p>Unit testing for {@link PermissionManager}.</p>
046: *
047: * @author <a href="mailto:dlestrat@apache.org">David Le Strat</a>
048: */
049: public class TestPermissionManager extends AbstractSecurityTestcase {
050: private static final Comparator principalComparator = new Comparator() {
051:
052: public int compare(Object arg0, Object arg1) {
053: return ((Principal) arg0).getName().compareTo(
054: ((Principal) arg1).getName());
055: }
056: };
057:
058: /**
059: * @see junit.framework.TestCase#setUp()
060: */
061: protected void setUp() throws Exception {
062: super .setUp();
063: }
064:
065: /**
066: * @see junit.framework.TestCase#tearDown()
067: */
068: public void tearDown() throws Exception {
069: destroyPermissions();
070: super .tearDown();
071: }
072:
073: public static Test suite() {
074: // All methods starting with "test" will be executed in the test suite.
075: return new TestSuite(TestPermissionManager.class);
076: }
077:
078: public void testWildcardPermissionCheck() throws Exception {
079: //////////////////////////////////////////////////////////////////////////
080: // setup
081: ////////////
082: UserPrincipal adminUser = new UserPrincipalImpl("adminTEST");
083: UserPrincipal userUser = new UserPrincipalImpl("userTEST");
084: PortletPermission adminPerm = new PortletPermission(
085: "adminTEST::*", "view, edit");
086: PortletPermission userPerm = new PortletPermission(
087: "demoTEST::*", "view, edit");
088: RolePrincipal adminRole = new RolePrincipalImpl("adminTEST");
089: RolePrincipal userRole = new RolePrincipalImpl("userTEST");
090:
091: try {
092: ums.addUser(adminUser.getName(), "password");
093: ums.addUser(userUser.getName(), "password");
094: rms.addRole(adminRole.getName());
095: rms.addRole(userRole.getName());
096: rms.addRoleToUser(adminUser.getName(), adminRole.getName());
097: rms.addRoleToUser(userUser.getName(), userRole.getName());
098: rms.addRoleToUser(adminUser.getName(), userRole.getName());
099: pms.addPermission(adminPerm);
100: pms.addPermission(userPerm);
101: pms.grantPermission(adminRole, adminPerm);
102: pms.grantPermission(userRole, userPerm);
103: } catch (SecurityException sex) {
104: assertTrue(
105: "failed to init testRemovePrincipalPermissions(), "
106: + sex, false);
107: }
108:
109: //////////////////////////////////////////////////////////////////////////
110: // Run Test
111: ////////////
112: Set adminPrincipals = new PrincipalsSet();
113: Set adminPublicCredentials = new HashSet();
114: Set adminPrivateCredentials = new HashSet();
115: Set userPrincipals = new PrincipalsSet();
116: Set userPublicCredentials = new HashSet();
117: Set userPrivateCredentials = new HashSet();
118:
119: adminPrincipals.add(adminUser);
120: adminPrincipals.add(adminRole);
121: adminPrincipals.add(userRole);
122:
123: userPrincipals.add(userUser);
124: userPrincipals.add(userRole);
125:
126: try {
127: Subject adminSubject = new Subject(true, adminPrincipals,
128: adminPublicCredentials, adminPrivateCredentials);
129: Subject userSubject = new Subject(true, userPrincipals,
130: userPublicCredentials, userPrivateCredentials);
131:
132: boolean access = pms.checkPermission(adminSubject,
133: adminPerm);
134: assertTrue(
135: "access to admin Perm should be granted to Admin ",
136: access);
137:
138: access = pms.checkPermission(adminSubject, userPerm);
139: assertTrue(
140: "access to user should NOT be granted to Admin ",
141: access);
142:
143: access = pms.checkPermission(userSubject, userPerm);
144: assertTrue(
145: "access to User Perm should be granted to User ",
146: access);
147:
148: access = pms.checkPermission(userSubject, adminPerm);
149: assertFalse(
150: "access to Admin Perm should NOT be granted to User ",
151: access);
152:
153: } catch (AccessControlException e) {
154: fail("failed permission check");
155: } finally {
156: //////////////////////////////////////////////////////////////////////////
157: // cleanup
158: ////////////
159: try {
160: ums.removeUser(adminUser.getName());
161: ums.removeUser(userUser.getName());
162: rms.removeRole(adminRole.getName());
163: rms.removeRole(userRole.getName());
164:
165: pms.removePermission(adminPerm);
166: pms.removePermission(userPerm);
167: } catch (SecurityException sex) {
168: assertTrue(
169: "could not remove user and permission. exception caught: "
170: + sex, false);
171: }
172: }
173:
174: }
175:
176: public void testPermissionCheck() throws Exception {
177: //////////////////////////////////////////////////////////////////////////
178: // setup
179: ////////////
180: UserPrincipal user = new UserPrincipalImpl("test");
181: PortletPermission perm1 = new PortletPermission("PortletOne",
182: "view, edit");
183: PortletPermission perm2 = new PortletPermission("PortletTwo",
184: "view");
185: PortletPermission perm3 = new PortletPermission("PortletThree",
186: "view");
187: PortletPermission perm3a = new PortletPermission(
188: "PortletThreeA", "view, edit");
189: RolePrincipal role1 = new RolePrincipalImpl("Role1");
190: RolePrincipal role2 = new RolePrincipalImpl("Role2");
191:
192: try {
193: ums.addUser(user.getName(), "password");
194: rms.addRole(role1.getName());
195: rms.addRole(role2.getName());
196: rms.addRoleToUser(user.getName(), role1.getName());
197: rms.addRoleToUser(user.getName(), role2.getName());
198: pms.addPermission(perm1);
199: pms.addPermission(perm2);
200: pms.addPermission(perm3);
201: pms.addPermission(perm3a);
202: pms.grantPermission(user, perm1);
203: pms.grantPermission(role1, perm2);
204: pms.grantPermission(role2, perm3);
205: } catch (SecurityException sex) {
206: assertTrue(
207: "failed to init testRemovePrincipalPermissions(), "
208: + sex, false);
209: }
210:
211: //////////////////////////////////////////////////////////////////////////
212: // Run Test
213: ////////////
214: Set principals = new PrincipalsSet();
215: Set publicCredentials = new HashSet();
216: Set privateCredentials = new HashSet();
217: principals.add(user);
218: principals.add(role1);
219: principals.add(role2);
220:
221: try {
222: Subject subject = new Subject(true, principals,
223: publicCredentials, privateCredentials);
224: boolean access = pms.checkPermission(subject, perm1);
225: assertTrue("access to perm1 should be granted ", access);
226: access = pms.checkPermission(subject, perm2);
227: assertTrue("access to perm2 should be granted ", access);
228: access = pms.checkPermission(subject, perm3);
229: assertTrue("access to perm3 should be granted ", access);
230: access = pms.checkPermission(subject, perm3a);
231: assertFalse("access to perm3a should be denied ", access);
232: } catch (AccessControlException e) {
233: fail("failed permission check");
234: } finally {
235: //////////////////////////////////////////////////////////////////////////
236: // cleanup
237: ////////////
238: try {
239: ums.removeUser(user.getName());
240: rms.removeRole(role1.getName());
241: rms.removeRole(role2.getName());
242: pms.removePermission(perm1);
243: pms.removePermission(perm2);
244: pms.removePermission(perm3);
245: pms.removePermission(perm3a);
246: } catch (SecurityException sex) {
247: assertTrue(
248: "could not remove user and permission. exception caught: "
249: + sex, false);
250: }
251: }
252:
253: }
254:
255: /**
256: * <p>Test remove principal and associated permissions.</p>
257: */
258: public void testRemovePrincipalPermissions() {
259: // Init test.
260: UserPrincipal user = new UserPrincipalImpl("test");
261: PortletPermission perm = new PortletPermission(
262: "anontestportlet", "view, edit");
263: try {
264: ums.addUser(user.getName(), "password");
265: pms.addPermission(perm);
266: pms.grantPermission(user, perm);
267: } catch (SecurityException sex) {
268: assertTrue(
269: "failed to init testRemovePrincipalPermissions(), "
270: + sex, false);
271: }
272: try {
273: pms.removePermissions(user);
274: Permissions permissions = pms.getPermissions(user);
275: assertEquals("permissions should be empty for user "
276: + user.getName(), 0, (Collections.list(permissions
277: .elements())).size());
278: } catch (SecurityException sex) {
279: assertTrue(
280: "could not remove permission. exception caught: "
281: + sex, false);
282: }
283: // Cleanup test.
284: try {
285: ums.removeUser(user.getName());
286: pms.removePermission(perm);
287: } catch (SecurityException sex) {
288: assertTrue(
289: "could not remove user and permission. exception caught: "
290: + sex, false);
291: }
292: }
293:
294: /**
295: * <p>Test remove permission.</p>
296: */
297: public void testPermissionExists() {
298: PortletPermission perm1 = new PortletPermission(
299: "removepermission1",
300: "view, edit, secure, minimized, maximized");
301: PortletPermission perm2 = new PortletPermission(
302: "removepermission2", "view, edit, minimized, maximized");
303: try {
304: pms.addPermission(perm1);
305: assertTrue(pms.permissionExists(perm1));
306: } catch (SecurityException sex) {
307: assertTrue("could not add permission, " + sex, false);
308: }
309: assertFalse(pms.permissionExists(perm2));
310:
311: // Cleanup test.
312: try {
313: pms.removePermission(perm1);
314: } catch (SecurityException sex) {
315: assertTrue(
316: "could not remove permission. exception caught: "
317: + sex, false);
318: }
319: }
320:
321: /**
322: * <p>Test remove permission.</p>
323: */
324: public void testRemovePermission() {
325: // Init test.
326: UserPrincipal user = new UserPrincipalImpl("removepermission");
327: RolePrincipal role = new RolePrincipalImpl(
328: "removepermissionrole");
329: PortletPermission perm1 = new PortletPermission(
330: "removepermission1",
331: "view, edit, secure, minimized, maximized");
332: PortletPermission perm2 = new PortletPermission(
333: "removepermission2", "view, edit, minimized, maximized");
334: try {
335: ums.addUser(user.getName(), "password");
336: rms.addRole(role.getName());
337: pms.addPermission(perm1);
338: pms.addPermission(perm2);
339: pms.grantPermission(user, perm1);
340: pms.grantPermission(user, perm2);
341: pms.grantPermission(role, perm1);
342: pms.grantPermission(role, perm2);
343: } catch (SecurityException sex) {
344: assertTrue("failed to init testRemovePermission(), " + sex,
345: false);
346: }
347: try {
348: pms.removePermission(perm1);
349: Permissions permCol1 = pms
350: .getPermissions(new UserPrincipalImpl(
351: "removepermission"));
352: assertTrue("should only contain permission == {name = "
353: + perm2.getName() + "}, {action = "
354: + perm2.getActions()
355: + "}, in collection of size == 1, actual size: "
356: + (Collections.list(permCol1.elements())).size(),
357: validatePermissions(permCol1, perm2, 1));
358: Permissions permCol2 = pms
359: .getPermissions(new RolePrincipalImpl(
360: "removepermissionrole"));
361: assertTrue("should only contain permission == {name = "
362: + perm2.getName() + "}, {action = "
363: + perm2.getActions()
364: + "}, in collection of size == 1, actual size: "
365: + (Collections.list(permCol2.elements())).size(),
366: validatePermissions(permCol2, perm2, 1));
367: } catch (SecurityException sex) {
368: assertTrue(
369: "could not remove permission. exception caught: "
370: + sex, false);
371: }
372: // Cleanup test.
373: try {
374: ums.removeUser(user.getName());
375: pms.removePermission(perm1);
376: pms.removePermission(perm2);
377: } catch (SecurityException sex) {
378: assertTrue(
379: "could not remove user and permission. exception caught: "
380: + sex, false);
381: }
382: }
383:
384: /**
385: * <p>Test grant permission to principal.</p>
386: */
387: public void testGrantPermission() {
388: // Init test.
389: UserPrincipal user1 = new UserPrincipalImpl(
390: "testgrantpermission1");
391: UserPrincipal user2 = new UserPrincipalImpl(
392: "testgrantpermission2");
393: PortletPermission perm1 = new PortletPermission("testportlet",
394: "view, minimized, secure");
395: PortletPermission perm2 = new PortletPermission("testportlet",
396: "view, minimized, maximized, secure");
397: try {
398: ums.addUser(user2.getName(), "password");
399: pms.addPermission(perm1);
400: pms.addPermission(perm2);
401: } catch (SecurityException sex) {
402: assertTrue("failed to init testGrantPermission(), " + sex,
403: false);
404: }
405:
406: // Test permission for new permission and new principal (does not exist).
407: try {
408: pms.grantPermission(user1, perm1);
409: assertTrue(
410: "principal does not exist. should have caught exception.",
411: false);
412: } catch (SecurityException sex) {
413: }
414: // Test insert new permission and existing principal.
415: try {
416: pms.grantPermission(user2, perm2);
417: } catch (SecurityException sex) {
418: assertTrue("principal does not exist. caught exception, "
419: + sex, false);
420: }
421: Permissions permCol1 = pms.getPermissions(user2);
422: assertTrue("should contain permission == {name = "
423: + perm2.getName() + "}, {action = "
424: + perm2.getActions()
425: + "}, in collection of size == 1, actual size: "
426: + (Collections.list(permCol1.elements())).size(),
427: validatePermissions(permCol1, perm2, 1));
428: // Test insert duplicate permission for same principal
429: try {
430: pms.grantPermission(user2, perm2);
431: } catch (SecurityException sex) {
432: assertTrue("principal does not exist. caught exception, "
433: + sex, false);
434: }
435: Permissions permCol2 = pms.getPermissions(user2);
436: assertTrue("should contain permission == {name = "
437: + perm2.getName() + "}, {action = "
438: + perm2.getActions()
439: + "}, in collection of size == 1, actual size: "
440: + (Collections.list(permCol2.elements())).size(),
441: validatePermissions(permCol2, perm2, 1));
442:
443: // Cleanup test.
444: try {
445: ums.removeUser(user2.getName());
446: pms.removePermission(perm1);
447: pms.removePermission(perm2);
448: } catch (SecurityException sex) {
449: assertTrue(
450: "could not remove user and permission. exception caught: "
451: + sex, false);
452: }
453: }
454:
455: /**
456: * <p>Test get permissions from a principal.</p>
457: */
458: public void testGetPrincipalPermissions() {
459: // Init test.
460: UserPrincipal user = new UserPrincipalImpl("anon");
461: PortletPermission perm1 = new PortletPermission(
462: "anontestportlet", "view");
463: PortletPermission perm2 = new PortletPermission(
464: "anontestportlet", "view, edit");
465: try {
466: ums.addUser(user.getName(), "password");
467: pms.addPermission(perm1);
468: pms.addPermission(perm2);
469: pms.grantPermission(user, perm1);
470: pms.grantPermission(user, perm2);
471: } catch (SecurityException sex) {
472: assertTrue("failed to init testGetPrincipalPermissions(), "
473: + sex, false);
474: }
475:
476: Permissions permissions = pms.getPermissions(user);
477: assertTrue("should contain permission == {name = "
478: + perm1.getName() + "}, {action = "
479: + perm1.getActions()
480: + "}, in collection of size == 2, actual size: "
481: + (Collections.list(permissions.elements())).size(),
482: validatePermissions(permissions, perm1, 2));
483: assertTrue("should contain permission == {name = "
484: + perm2.getName() + "}, {action = "
485: + perm2.getActions()
486: + "}, in collection of size == 2, actual size: "
487: + (Collections.list(permissions.elements())).size(),
488: validatePermissions(permissions, perm2, 2));
489:
490: // Cleanup test.
491: try {
492: ums.removeUser(user.getName());
493: pms.removePermission(perm1);
494: pms.removePermission(perm2);
495: } catch (SecurityException sex) {
496: assertTrue(
497: "could not remove user and permission. exception caught: "
498: + sex, false);
499: }
500: }
501:
502: /**
503: * <p>Test get permissions from a collection of principals.</p>
504: */
505: public void testGetPermissions() {
506: // Init test.
507: UserPrincipal user = new UserPrincipalImpl("anon");
508: RolePrincipal role1 = new RolePrincipalImpl("anonrole1");
509: RolePrincipal role2 = new RolePrincipalImpl("anonrole2");
510: GroupPrincipal group1 = new GroupPrincipalImpl("anongroup1");
511: GroupPrincipal group2 = new GroupPrincipalImpl("anongroup2");
512: PortletPermission perm1 = new PortletPermission(
513: "anontestportlet", "view");
514: PortletPermission perm2 = new PortletPermission(
515: "anontestportlet", "view, edit");
516: PortletPermission perm3 = new PortletPermission(
517: "anontestportlet", "view, edit, secure");
518: PortletPermission perm4 = new PortletPermission(
519: "anontestportlet", "view, edit, secure, minimized");
520: try {
521: ums.addUser(user.getName(), "password");
522: rms.addRole(role1.getName());
523: rms.addRole(role2.getName());
524: gms.addGroup(group1.getName());
525: gms.addGroup(group2.getName());
526: pms.addPermission(perm1);
527: pms.addPermission(perm2);
528: pms.addPermission(perm3);
529: pms.addPermission(perm4);
530: pms.grantPermission(role1, perm1);
531: pms.grantPermission(role2, perm1);
532: pms.grantPermission(role2, perm2);
533: pms.grantPermission(role2, perm3);
534: pms.grantPermission(role2, perm4);
535: pms.grantPermission(group1, perm1);
536: pms.grantPermission(group2, perm1);
537: pms.grantPermission(group2, perm2);
538: pms.grantPermission(group2, perm3);
539: pms.grantPermission(group2, perm4);
540: } catch (SecurityException sex) {
541: assertTrue("failed to init testGetPrincipalPermissions(), "
542: + sex, false);
543: }
544:
545: ArrayList principals = new ArrayList();
546: principals.add(user);
547: principals.add(role1);
548: principals.add(role2);
549: principals.add(group1);
550: principals.add(group2);
551: Permissions permissions = pms.getPermissions(principals);
552: assertTrue("should contain permission == {name = "
553: + perm1.getName() + "}, {action = "
554: + perm1.getActions()
555: + "}, in collection of size == 4, actual size: "
556: + (Collections.list(permissions.elements())).size(),
557: validatePermissions(permissions, perm1, 4));
558: assertTrue("should contain permission == {name = "
559: + perm2.getName() + "}, {action = "
560: + perm2.getActions()
561: + "}, in collection of size == 4, actual size: "
562: + (Collections.list(permissions.elements())).size(),
563: validatePermissions(permissions, perm2, 4));
564: assertTrue("should contain permission == {name = "
565: + perm3.getName() + "}, {action = "
566: + perm3.getActions()
567: + "}, in collection of size == 4, actual size: "
568: + (Collections.list(permissions.elements())).size(),
569: validatePermissions(permissions, perm3, 4));
570: assertTrue("should contain permission == {name = "
571: + perm4.getName() + "}, {action = "
572: + perm4.getActions()
573: + "}, in collection of size == 4, actual size: "
574: + (Collections.list(permissions.elements())).size(),
575: validatePermissions(permissions, perm4, 4));
576:
577: // Cleanup test.
578: try {
579: ums.removeUser(user.getName());
580: pms.removePermission(perm1);
581: pms.removePermission(perm2);
582: pms.removePermission(perm3);
583: pms.removePermission(perm4);
584: } catch (SecurityException sex) {
585: assertTrue("could not remove user. exception caught: "
586: + sex, false);
587: }
588: }
589:
590: /**
591: * <p>Test revoke permission.</p>
592: */
593: public void testRevokePermission() {
594: // Init test.
595: UserPrincipal user = new UserPrincipalImpl("revokepermission");
596: PortletPermission perm1 = new PortletPermission(
597: "revokepermission1", "view, edit, minimized, maximized");
598: PortletPermission perm2 = new PortletPermission(
599: "revokepermission2", "view, edit, minimized, maximized");
600: try {
601: ums.addUser(user.getName(), "password");
602: pms.addPermission(perm1);
603: pms.addPermission(perm2);
604: pms.grantPermission(user, perm1);
605: pms.grantPermission(user, perm2);
606: } catch (SecurityException sex) {
607: assertTrue("failed to init testRevokePermission(), " + sex,
608: false);
609: }
610: try {
611: pms.revokePermission(user, perm2);
612: Permissions permCol = pms.getPermissions(user);
613: assertTrue("should only contain permission == {name = "
614: + perm1.getName() + "}, {action = "
615: + perm1.getActions()
616: + "}, in collection of size == 1, actual size: "
617: + (Collections.list(permCol.elements())).size(),
618: validatePermissions(permCol, perm1, 1));
619: } catch (SecurityException sex) {
620: assertTrue(
621: "could not revoke permission. esception caught: "
622: + sex, false);
623: }
624: // Cleanup test.
625: try {
626: ums.removeUser(user.getName());
627: pms.removePermission(perm1);
628: pms.removePermission(perm2);
629: } catch (SecurityException sex) {
630: assertTrue("could not remove user. exception caught: "
631: + sex, false);
632: }
633: }
634:
635: /**
636: * <p>Validate whether permission belongs to permissions and whether the permissions
637: * size equals the size provided.</p>
638: * @param permissions The permissions.
639: * @param permission The permission to validate.
640: * @param size The permissions expected size.
641: * @return
642: */
643: private boolean validatePermissions(Permissions permissions,
644: Permission permission, int size) {
645: Enumeration permissionEnums = permissions.elements();
646: boolean hasPermission = false;
647: int count = 0;
648: while (permissionEnums.hasMoreElements()) {
649: count++;
650: Permission enumPerm = (Permission) permissionEnums
651: .nextElement();
652: if (enumPerm.equals(permission)) {
653: hasPermission = true;
654: }
655: }
656: boolean validated = ((hasPermission) && (count == size));
657: return validated;
658: }
659:
660: /**
661: * <p>Destroy permission test objects.</p>
662: */
663: protected void destroyPermissions() {
664: try {
665: // Remove users.
666: ums.removeUser("anon");
667: ums.removeUser("test");
668: ums.removeUser("removepermission");
669: ums.removeUser("revokepermission");
670: ums.removeUser("testgrantpermission2");
671: // Remove roles.
672: rms.removeRole("anonrole1");
673: rms.removeRole("anonrole2");
674: rms.removeRole("removepermissionrole");
675: // Remove groups.
676: gms.removeGroup("anongroup1");
677: gms.removeGroup("anongroup2");
678: } catch (SecurityException sex) {
679: assertTrue(
680: "could not remove user, role and group. exception caught: "
681: + sex, false);
682: }
683: // Remove permissions.
684: PortletPermission perm1 = new PortletPermission(
685: "anontestportlet", "view");
686: PortletPermission perm2 = new PortletPermission(
687: "anontestportlet", "view, edit");
688: PortletPermission perm3 = new PortletPermission(
689: "anontestportlet", "view, edit, secure");
690: PortletPermission perm4 = new PortletPermission(
691: "anontestportlet", "view, edit, secure, minimized");
692: PortletPermission perm5 = new PortletPermission(
693: "removepermission1",
694: "view, edit, secure, minimized, maximized");
695: PortletPermission perm6 = new PortletPermission(
696: "removepermission2", "view, edit, minimized, maximized");
697: PortletPermission perm7 = new PortletPermission(
698: "revokepermission1", "view, edit, minimized, maximized");
699: PortletPermission perm8 = new PortletPermission(
700: "revokepermission2", "view, edit, minimized, maximized");
701: PortletPermission perm9 = new PortletPermission("testportlet",
702: "view, minimized, secure");
703: try {
704: pms.removePermission(perm1);
705: pms.removePermission(perm2);
706: pms.removePermission(perm3);
707: pms.removePermission(perm4);
708: pms.removePermission(perm5);
709: pms.removePermission(perm6);
710: pms.removePermission(perm7);
711: pms.removePermission(perm8);
712: pms.removePermission(perm9);
713: } catch (SecurityException sex) {
714: assertTrue(
715: "could not remove permissions. exception caught: "
716: + sex, false);
717: }
718: }
719:
720: public void testUpdatePermission() {
721: // Init test.
722: RolePrincipal role1 = new RolePrincipalImpl("role1");
723: RolePrincipal role2 = new RolePrincipalImpl("role2");
724: RolePrincipal role3 = new RolePrincipalImpl("role3");
725: RolePrincipal role4 = new RolePrincipalImpl("role4");
726: PortletPermission perm1 = new PortletPermission("testportlet",
727: "view");
728: try {
729: rms.addRole(role1.getName());
730: rms.addRole(role2.getName());
731: rms.addRole(role3.getName());
732: rms.addRole(role4.getName());
733: pms.addPermission(perm1);
734: } catch (SecurityException sex) {
735: assertTrue("failed to init testUpdatePermission(), " + sex,
736: false);
737: }
738:
739: // Grant 1 and 2
740: try {
741: pms.grantPermission(role1, perm1);
742: pms.grantPermission(role2, perm1);
743: } catch (SecurityException sex) {
744: assertTrue(
745: "failed to grant on testUpdatePermission. caught exception, "
746: + sex, false);
747: }
748:
749: Collection principals = pms.getPrincipals(perm1);
750: assertTrue("principal count should be 2 ",
751: principals.size() == 2);
752: Object[] array = (Object[]) principals.toArray();
753: Arrays.sort(array, principalComparator);
754: assertTrue("element is Principal ",
755: array[0] instanceof Principal);
756: assertTrue("first element not found ", ((Principal) array[0])
757: .getName().equals("role1"));
758: assertTrue("second element not found ", ((Principal) array[1])
759: .getName().equals("role2"));
760:
761: // Try to update collection
762: try {
763: Collection roles = new Vector();
764: roles.add(role1);
765: roles.add(role3);
766: roles.add(role4);
767: pms.updatePermission(perm1, roles);
768: } catch (SecurityException sex) {
769: assertTrue("principal does not exist. caught exception, "
770: + sex, false);
771: }
772: principals = pms.getPrincipals(perm1);
773: assertTrue("principal count should be 3 ",
774: principals.size() == 3);
775: array = (Object[]) principals.toArray();
776: Arrays.sort(array, principalComparator);
777: assertTrue("first element should be [role1] but found ["
778: + ((Principal) array[0]).getName() + "]",
779: ((Principal) array[0]).getName().equals("role1"));
780: assertTrue("second element not found ", ((Principal) array[1])
781: .getName().equals("role3"));
782: assertTrue("third element not found ", ((Principal) array[2])
783: .getName().equals("role4"));
784:
785: // Cleanup test.
786: try {
787: rms.removeRole(role1.getName());
788: rms.removeRole(role2.getName());
789: rms.removeRole(role3.getName());
790: rms.removeRole(role4.getName());
791: pms.removePermission(perm1);
792: } catch (SecurityException sex) {
793: assertTrue(
794: "could not remove user and permission. exception caught: "
795: + sex, false);
796: }
797: }
798:
799: }
|