001: /*
002: JSPWiki - a JSP-based WikiWiki clone.
003:
004: Copyright (C) 2001-2007 Janne Jalkanen (Janne.Jalkanen@iki.fi)
005:
006: This program is free software; you can redistribute it and/or modify
007: it under the terms of the GNU Lesser General Public License as published by
008: the Free Software Foundation; either version 2.1 of the License, or
009: (at your option) any later version.
010:
011: This program is distributed in the hope that it will be useful,
012: but WITHOUT ANY WARRANTY; without even the implied warranty of
013: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
014: GNU Lesser General Public License for more details.
015:
016: You should have received a copy of the GNU Lesser General Public License
017: along with this program; if not, write to the Free Software
018: Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
019: */
020: package com.ecyrd.jspwiki.auth.acl;
021:
022: import java.security.Principal;
023: import java.util.HashMap;
024: import java.util.Map;
025: import java.util.Properties;
026:
027: import junit.framework.Test;
028: import junit.framework.TestCase;
029: import junit.framework.TestSuite;
030:
031: import com.ecyrd.jspwiki.TestEngine;
032: import com.ecyrd.jspwiki.WikiEngine;
033: import com.ecyrd.jspwiki.WikiSession;
034: import com.ecyrd.jspwiki.WikiSessionTest;
035: import com.ecyrd.jspwiki.auth.GroupPrincipal;
036: import com.ecyrd.jspwiki.auth.WikiPrincipal;
037: import com.ecyrd.jspwiki.auth.acl.AclEntry;
038: import com.ecyrd.jspwiki.auth.acl.AclEntryImpl;
039: import com.ecyrd.jspwiki.auth.acl.AclImpl;
040: import com.ecyrd.jspwiki.auth.authorize.Group;
041: import com.ecyrd.jspwiki.auth.authorize.GroupManager;
042: import com.ecyrd.jspwiki.auth.permissions.PagePermission;
043:
044: public class AclImplTest extends TestCase {
045: private AclImpl m_acl;
046:
047: private AclImpl m_aclGroup;
048:
049: private Map m_groups;
050:
051: private GroupManager m_groupMgr;
052:
053: private WikiSession m_session;
054:
055: public AclImplTest(String s) {
056: super (s);
057: }
058:
059: /**
060: * We setup the following rules: Alice = may view Bob = may view, may edit
061: * Charlie = may view Dave = may view, may comment groupAcl: FooGroup =
062: * Alice, Bob - may edit BarGroup = Bob, Charlie - may view
063: */
064: public void setUp() throws Exception {
065: super .setUp();
066: Properties props = new Properties();
067: props.load(TestEngine.findTestProperties());
068: WikiEngine engine = new TestEngine(props);
069: m_groupMgr = engine.getGroupManager();
070: m_session = WikiSessionTest.adminSession(engine);
071:
072: m_acl = new AclImpl();
073: m_aclGroup = new AclImpl();
074: m_groups = new HashMap();
075: Principal uAlice = new WikiPrincipal("Alice");
076: Principal uBob = new WikiPrincipal("Bob");
077: Principal uCharlie = new WikiPrincipal("Charlie");
078: Principal uDave = new WikiPrincipal("Dave");
079:
080: // Alice can view
081: AclEntry ae = new AclEntryImpl();
082: ae.addPermission(PagePermission.VIEW);
083: ae.setPrincipal(uAlice);
084:
085: // Charlie can view
086: AclEntry ae2 = new AclEntryImpl();
087: ae2.addPermission(PagePermission.VIEW);
088: ae2.setPrincipal(uCharlie);
089:
090: // Bob can view and edit (and by implication, comment)
091: AclEntry ae3 = new AclEntryImpl();
092: ae3.addPermission(PagePermission.VIEW);
093: ae3.addPermission(PagePermission.EDIT);
094: ae3.setPrincipal(uBob);
095:
096: // Dave can view and comment
097: AclEntry ae4 = new AclEntryImpl();
098: ae4.addPermission(PagePermission.VIEW);
099: ae4.addPermission(PagePermission.COMMENT);
100: ae4.setPrincipal(uDave);
101:
102: // Create ACL with Alice, Bob, Charlie, Dave
103: m_acl.addEntry(ae);
104: m_acl.addEntry(ae2);
105: m_acl.addEntry(ae3);
106: m_acl.addEntry(ae4);
107:
108: // Foo group includes Alice and Bob
109: Group foo = m_groupMgr.parseGroup("FooGroup", "", true);
110: m_groupMgr.setGroup(m_session, foo);
111: foo.add(uAlice);
112: foo.add(uBob);
113: AclEntry ag1 = new AclEntryImpl();
114: ag1.setPrincipal(foo.getPrincipal());
115: ag1.addPermission(PagePermission.EDIT);
116: m_aclGroup.addEntry(ag1);
117: m_groups.put("FooGroup", foo);
118:
119: // Bar group includes Bob and Charlie
120: Group bar = m_groupMgr.parseGroup("BarGroup", "", true);
121: m_groupMgr.setGroup(m_session, bar);
122: bar.add(uBob);
123: bar.add(uCharlie);
124: AclEntry ag2 = new AclEntryImpl();
125: ag2.setPrincipal(bar.getPrincipal());
126: ag2.addPermission(PagePermission.VIEW);
127: m_aclGroup.addEntry(ag2);
128: m_groups.put("BarGroup", bar);
129: }
130:
131: public void tearDown() throws Exception {
132: m_groupMgr.removeGroup("FooGroup");
133: m_groupMgr.removeGroup("BarGroup");
134: }
135:
136: private boolean inArray(Object[] array, Object key) {
137: for (int i = 0; i < array.length; i++) {
138: if (array[i].equals(key)) {
139: return true;
140: }
141: }
142: return false;
143: }
144:
145: private boolean inGroup(Object[] array, Principal key) {
146: for (int i = 0; i < array.length; i++) {
147: if (array[i] instanceof GroupPrincipal) {
148: String groupName = ((GroupPrincipal) array[i])
149: .getName();
150: Group group = (Group) m_groups.get(groupName);
151: if (group != null && group.isMember(key)) {
152: return true;
153: }
154: }
155: }
156: return false;
157: }
158:
159: public void testAlice() {
160: // Alice should be able to view but not edit or comment
161: Principal wup = new WikiPrincipal("Alice");
162: assertTrue("view", inArray(m_acl
163: .findPrincipals(PagePermission.VIEW), wup));
164: assertFalse("edit", inArray(m_acl
165: .findPrincipals(PagePermission.EDIT), wup));
166: assertFalse("comment", inArray(m_acl
167: .findPrincipals(PagePermission.COMMENT), wup));
168: }
169:
170: public void testBob() {
171: // Bob should be able to view, edit, and comment but not delete
172: Principal wup = new WikiPrincipal("Bob");
173: assertTrue("view", inArray(m_acl
174: .findPrincipals(PagePermission.VIEW), wup));
175: assertTrue("edit", inArray(m_acl
176: .findPrincipals(PagePermission.EDIT), wup));
177: assertTrue("comment", inArray(m_acl
178: .findPrincipals(PagePermission.COMMENT), wup));
179: assertFalse("delete", inArray(m_acl
180: .findPrincipals(PagePermission.DELETE), wup));
181: }
182:
183: public void testCharlie() {
184: // Charlie should be able to view, but not edit, comment or delete
185: Principal wup = new WikiPrincipal("Charlie");
186: assertTrue("view", inArray(m_acl
187: .findPrincipals(PagePermission.VIEW), wup));
188: assertFalse("edit", inArray(m_acl
189: .findPrincipals(PagePermission.EDIT), wup));
190: assertFalse("comment", inArray(m_acl
191: .findPrincipals(PagePermission.COMMENT), wup));
192: assertFalse("delete", inArray(m_acl
193: .findPrincipals(PagePermission.DELETE), wup));
194: }
195:
196: public void testDave() {
197: // Dave should be able to view and comment but not edit or delete
198: Principal wup = new WikiPrincipal("Dave");
199: assertTrue("view", inArray(m_acl
200: .findPrincipals(PagePermission.VIEW), wup));
201: assertFalse("edit", inArray(m_acl
202: .findPrincipals(PagePermission.EDIT), wup));
203: assertTrue("comment", inArray(m_acl
204: .findPrincipals(PagePermission.COMMENT), wup));
205: assertFalse("delete", inArray(m_acl
206: .findPrincipals(PagePermission.DELETE), wup));
207: }
208:
209: public void testGroups() {
210: Principal wup = new WikiPrincipal("Alice");
211: assertTrue("Alice view", inGroup(m_aclGroup
212: .findPrincipals(PagePermission.VIEW), wup));
213: assertTrue("Alice edit", inGroup(m_aclGroup
214: .findPrincipals(PagePermission.EDIT), wup));
215: assertTrue("Alice comment", inGroup(m_aclGroup
216: .findPrincipals(PagePermission.COMMENT), wup));
217: assertFalse("Alice delete", inGroup(m_aclGroup
218: .findPrincipals(PagePermission.DELETE), wup));
219:
220: wup = new WikiPrincipal("Bob");
221: assertTrue("Bob view", inGroup(m_aclGroup
222: .findPrincipals(PagePermission.VIEW), wup));
223: assertTrue("Bob edit", inGroup(m_aclGroup
224: .findPrincipals(PagePermission.EDIT), wup));
225: assertTrue("Bob comment", inGroup(m_aclGroup
226: .findPrincipals(PagePermission.COMMENT), wup));
227: assertFalse("Bob delete", inGroup(m_aclGroup
228: .findPrincipals(PagePermission.DELETE), wup));
229:
230: wup = new WikiPrincipal("Charlie");
231: assertTrue("Charlie view", inGroup(m_aclGroup
232: .findPrincipals(PagePermission.VIEW), wup));
233: assertFalse("Charlie edit", inGroup(m_aclGroup
234: .findPrincipals(PagePermission.EDIT), wup));
235: assertFalse("Charlie comment", inGroup(m_aclGroup
236: .findPrincipals(PagePermission.COMMENT), wup));
237: assertFalse("Charlie delete", inGroup(m_aclGroup
238: .findPrincipals(PagePermission.DELETE), wup));
239:
240: wup = new WikiPrincipal("Dave");
241: assertFalse("Dave view", inGroup(m_aclGroup
242: .findPrincipals(PagePermission.VIEW), wup));
243: assertFalse("Dave edit", inGroup(m_aclGroup
244: .findPrincipals(PagePermission.EDIT), wup));
245: assertFalse("Dave comment", inGroup(m_aclGroup
246: .findPrincipals(PagePermission.COMMENT), wup));
247: assertFalse("Dave delete", inGroup(m_aclGroup
248: .findPrincipals(PagePermission.DELETE), wup));
249: }
250:
251: public static Test suite() {
252: return new TestSuite(AclImplTest.class);
253: }
254: }
|