001: package org.apache.turbine.services.security;
002:
003: /*
004: * Licensed to the Apache Software Foundation (ASF) under one
005: * or more contributor license agreements. See the NOTICE file
006: * distributed with this work for additional information
007: * regarding copyright ownership. The ASF licenses this file
008: * to you under the Apache License, Version 2.0 (the
009: * "License"); you may not use this file except in compliance
010: * with the License. You may obtain a copy of the License at
011: *
012: * http://www.apache.org/licenses/LICENSE-2.0
013: *
014: * Unless required by applicable law or agreed to in writing,
015: * software distributed under the License is distributed on an
016: * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
017: * KIND, either express or implied. See the License for the
018: * specific language governing permissions and limitations
019: * under the License.
020: */
021:
022: import java.util.List;
023:
024: import junit.framework.Test;
025: import junit.framework.TestSuite;
026:
027: import org.apache.turbine.Turbine;
028: import org.apache.turbine.om.security.User;
029: import org.apache.turbine.services.security.torque.TorqueGroup;
030: import org.apache.turbine.services.security.torque.TorquePermission;
031: import org.apache.turbine.services.security.torque.TorqueRole;
032: import org.apache.turbine.services.security.torque.TorqueUser;
033: import org.apache.turbine.test.BaseTurbineTest;
034: import org.apache.turbine.test.HsqlDB;
035: import org.apache.turbine.util.security.GroupSet;
036: import org.apache.turbine.util.security.PasswordMismatchException;
037: import org.apache.turbine.util.security.PermissionSet;
038: import org.apache.turbine.util.security.RoleSet;
039: import org.apache.turbine.util.security.TurbineAccessControlList;
040: import org.apache.turbine.util.security.UnknownEntityException;
041:
042: public class TestSecurity extends BaseTurbineTest {
043: private HsqlDB hsqlDB = null;
044:
045: public TestSecurity(String name) throws Exception {
046: super (name, "conf/test/TurbineResources.properties");
047: hsqlDB = new HsqlDB("jdbc:hsqldb:.", Turbine
048: .getRealPath("conf/test/create-db.sql"));
049: }
050:
051: public static Test suite() {
052: return new TestSuite(TestSecurity.class);
053: }
054:
055: private void checkUserList() throws Exception {
056: SecurityService ss = TurbineSecurity.getService();
057: assertEquals("User added to storage!", ss.getUserList(
058: new org.apache.torque.util.Criteria()).size(), 2);
059: }
060:
061: public void testInit() {
062: SecurityService ss = TurbineSecurity.getService();
063: assertTrue("Service failed to initialize", ss.getInit());
064: }
065:
066: // Make sure that our database contains what we need
067: public void testDatabase() throws Exception {
068: SecurityService ss = TurbineSecurity.getService();
069:
070: GroupSet gs = ss.getAllGroups();
071: RoleSet rs = ss.getAllRoles();
072: PermissionSet ps = ss.getAllPermissions();
073:
074: List users = ss.getUserManager().retrieveList(
075: new org.apache.torque.util.Criteria());
076:
077: assertEquals("Group DB Wrong!", gs.size(), 2);
078: assertEquals("Role DB Wrong!", rs.size(), 2);
079: assertEquals("Permission DB Wrong!", ps.size(), 3);
080: }
081:
082: public void testClasses() throws Exception {
083: SecurityService ss = TurbineSecurity.getService();
084:
085: assertEquals("Class for User Objects is wrong!", ss
086: .getUserClass(), TorqueUser.class);
087: assertEquals("Class for Group Objects is wrong!", ss
088: .getGroupClass(), TorqueGroup.class);
089: assertEquals("Class for Role Objects is wrong!", ss
090: .getRoleClass(), TorqueRole.class);
091: assertEquals("Class for Permission Objects is wrong!", ss
092: .getPermissionClass(), TorquePermission.class);
093:
094: assertEquals("Class for ACLs is wrong!", ss.getAclClass(),
095: TurbineAccessControlList.class);
096: }
097:
098: public void testInstance() throws Exception {
099: SecurityService ss = TurbineSecurity.getService();
100:
101: assertEquals("Instance for User Objects is wrong!", ss
102: .getUserInstance().getClass(), TorqueUser.class);
103: assertEquals("Instance for Group Objects is wrong!", ss
104: .getGroupInstance().getClass(), TorqueGroup.class);
105: assertEquals("Instance for Role Objects is wrong!", ss
106: .getRoleInstance().getClass(), TorqueRole.class);
107: assertEquals("Instance for Permission Objects is wrong!", ss
108: .getPermissionInstance().getClass(),
109: TorquePermission.class);
110: }
111:
112: public void testUserExists() throws Exception {
113: SecurityService ss = TurbineSecurity.getService();
114:
115: assertTrue(ss.accountExists("admin"));
116: assertFalse(ss.accountExists("does-not-exist"));
117:
118: checkUserList();
119: }
120:
121: public void testAuthenticateUser() throws Exception {
122: SecurityService ss = TurbineSecurity.getService();
123:
124: User admin = ss.getAuthenticatedUser("admin", "admin");
125:
126: try {
127: admin = ss
128: .getAuthenticatedUser("admin", "no such password");
129: fail("User was authenticated with wrong password");
130: } catch (Exception e) {
131: assertEquals("Wrong Exception thrown: "
132: + e.getClass().getName(), e.getClass(),
133: PasswordMismatchException.class);
134: }
135:
136: checkUserList();
137: }
138:
139: public void testGetUser() throws Exception {
140: SecurityService ss = TurbineSecurity.getService();
141:
142: User admin = ss.getUser("admin");
143:
144: try {
145: User newbie = ss.getUser("newbie");
146: fail("Non Existing User could be loaded!");
147: } catch (Exception e) {
148: assertEquals("Wrong Exception thrown: "
149: + e.getClass().getName(), e.getClass(),
150: UnknownEntityException.class);
151: }
152:
153: checkUserList();
154: }
155:
156: public void testUserLists() throws Exception {
157: SecurityService ss = TurbineSecurity.getService();
158:
159: User[] users = ss
160: .getUsers(new org.apache.torque.util.Criteria());
161: assertNotNull(users);
162: assertEquals("Wrong number of users retrieved!", users.length,
163: 2);
164:
165: List userList = ss
166: .getUserList(new org.apache.torque.util.Criteria());
167: assertNotNull(userList);
168: assertEquals("Wrong number of users retrieved!", userList
169: .size(), 2);
170:
171: assertEquals("Array and List have different sizes!",
172: users.length, userList.size());
173:
174: checkUserList();
175: }
176:
177: public void testAnonymousUser() throws Exception {
178: SecurityService ss = TurbineSecurity.getService();
179:
180: User user = ss.getAnonymousUser();
181:
182: assertNotNull(user);
183:
184: assertTrue(ss.isAnonymousUser(user));
185:
186: user = ss.getUser("admin");
187: assertNotNull(user);
188:
189: assertFalse(ss.isAnonymousUser(user));
190: }
191:
192: public void testSaveUser() throws Exception {
193: SecurityService ss = TurbineSecurity.getService();
194:
195: User admin = ss.getUser("admin");
196:
197: ss.saveUser(admin);
198:
199: try {
200: User newbie = TurbineSecurity.getUserInstance();
201: newbie.setName("newbie");
202:
203: ss.saveUser(newbie);
204: fail("Non Existing User could be stored!");
205: } catch (Exception e) {
206: assertEquals("Wrong Exception thrown: "
207: + e.getClass().getName(), e.getClass(),
208: UnknownEntityException.class);
209: }
210:
211: checkUserList();
212: }
213:
214: public void testChangePassword() throws Exception {
215: SecurityService ss = TurbineSecurity.getService();
216:
217: User admin = ss.getUser("admin");
218: assertNotNull(admin);
219:
220: ss.changePassword(admin, admin.getPassword(), "foobar");
221:
222: User admin2 = ss.getUser("admin");
223: assertEquals("Password was not changed!", "foobar", admin2
224: .getPassword());
225:
226: try {
227: admin = ss.getUser("admin");
228: ss.changePassword(admin, "admin", "foobar");
229: fail("Password could be changed without old password!");
230: } catch (Exception e) {
231: assertEquals("Wrong Exception thrown: "
232: + e.getClass().getName(), e.getClass(),
233: PasswordMismatchException.class);
234: }
235:
236: admin2 = ss.getUser("admin");
237: assertEquals("Password was changed!", "foobar", admin2
238: .getPassword());
239:
240: checkUserList();
241: }
242:
243: public void testForcePassword() throws Exception {
244: SecurityService ss = TurbineSecurity.getService();
245:
246: User admin = ss.getUser("admin");
247: assertNotNull(admin);
248:
249: ss.forcePassword(admin, "barbaz");
250:
251: User admin2 = ss.getUser("admin");
252: assertEquals("Password was not changed!", "barbaz", admin2
253: .getPassword());
254:
255: ss.forcePassword(admin, "admin");
256:
257: admin2 = ss.getUser("admin");
258: assertEquals("Password was not reset!", "admin", admin2
259: .getPassword());
260:
261: checkUserList();
262: }
263: }
|