001: /******************************************************************************
002: * JBoss, a division of Red Hat *
003: * Copyright 2006, Red Hat Middleware, LLC, and individual *
004: * contributors as indicated by the @authors tag. See the *
005: * copyright.txt in the distribution for a full listing of *
006: * individual contributors. *
007: * *
008: * This is free software; you can redistribute it and/or modify it *
009: * under the terms of the GNU Lesser General Public License as *
010: * published by the Free Software Foundation; either version 2.1 of *
011: * the License, or (at your option) any later version. *
012: * *
013: * This software is distributed in the hope that it will be useful, *
014: * but WITHOUT ANY WARRANTY; without even the implied warranty of *
015: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
016: * Lesser General Public License for more details. *
017: * *
018: * You should have received a copy of the GNU Lesser General Public *
019: * License along with this software; if not, write to the Free *
020: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
021: * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
022: ******************************************************************************/package org.jboss.portal.test.security;
023:
024: import org.jboss.portal.security.PortalPermissionCollection;
025: import org.jboss.portal.security.PortalSecurityException;
026: import org.jboss.portal.security.RoleSecurityBinding;
027: import org.jboss.portal.security.impl.jacc.JACCPortalPermissionCollection;
028: import org.jboss.portal.security.spi.provider.AuthorizationDomain;
029: import org.jboss.security.SimplePrincipal;
030:
031: import java.security.Principal;
032: import java.util.Collections;
033:
034: /**
035: * @author <a href="mailto:julien@jboss.org">Julien Viet</a>
036: * @version $Revision: 8784 $
037: */
038: public class SimpleTestCase extends PortalPermissionTestCase {
039:
040: public SimpleTestCase(String name) {
041: super (name);
042: }
043:
044: public void testFlat() throws Exception {
045: //
046: AuthorizationDomain domain = new FlatAuthorizationDomain();
047: domain.getConfigurator().setSecurityBindings(
048: "foo",
049: Collections.singleton(new RoleSecurityBinding("",
050: "admin")));
051:
052: //
053: PortalPermissionCollection collection = new JACCPortalPermissionCollection(
054: "admin", domain);
055: FlatPermission container = new FlatPermission(collection);
056: addContainerToRole("admin", container);
057:
058: //
059: server.execute(new Server.Task() {
060: public void execute() throws Exception {
061: Principal[] principals = new Principal[] { new SimplePrincipal(
062: "admin") };
063: assertTrue(implies(new FlatPermission("foo"),
064: principals));
065: assertFalse(implies(new FlatPermission("bar"),
066: principals));
067: }
068: });
069: }
070:
071: public void testHierarchyViewRecursive() throws Exception {
072: //
073: AuthorizationDomain domain = new HierarchyAuthorizationDomain();
074: domain.getConfigurator().setSecurityBindings(
075: "/foo",
076: Collections.singleton(new RoleSecurityBinding(
077: "viewrecursive", "admin")));
078:
079: //
080: PortalPermissionCollection collection = new JACCPortalPermissionCollection(
081: "admin", domain);
082: HierarchyPermission container = new HierarchyPermission(
083: collection);
084: addContainerToRole("admin", container);
085:
086: //
087: server.execute(new Server.Task() {
088: public void execute() throws Exception {
089: Principal[] principals = new Principal[] { new SimplePrincipal(
090: "admin") };
091: assertTrue(implies(new HierarchyPermission("/foo",
092: "view"), principals));
093: assertTrue(implies(new HierarchyPermission("/foo/bar",
094: "view"), principals));
095: assertFalse(implies(
096: new HierarchyPermission("/", "view"),
097: principals));
098: assertFalse(implies(new HierarchyPermission("/bar",
099: "view"), principals));
100: }
101: });
102:
103: //
104: domain.getConfigurator().removeSecurityBindings("/foo");
105: domain.getConfigurator().setSecurityBindings(
106: "/",
107: Collections.singleton(new RoleSecurityBinding(
108: "viewrecursive", "admin")));
109:
110: //
111: server.execute(new Server.Task() {
112: public void execute() throws Exception {
113: Principal[] principals = new Principal[] { new SimplePrincipal(
114: "admin") };
115: assertTrue(implies(new HierarchyPermission("/foo",
116: "view"), principals));
117: assertTrue(implies(new HierarchyPermission("/foo/bar",
118: "view"), principals));
119: assertTrue(implies(
120: new HierarchyPermission("/", "view"),
121: principals));
122: assertTrue(implies(new HierarchyPermission("/bar",
123: "view"), principals));
124: }
125: });
126: }
127:
128: public void testHierarchyView() throws Exception {
129: //
130: AuthorizationDomain domain = new HierarchyAuthorizationDomain();
131: domain.getConfigurator().setSecurityBindings(
132: "/foo",
133: Collections.singleton(new RoleSecurityBinding("view",
134: "admin")));
135:
136: //
137: PortalPermissionCollection collection = new JACCPortalPermissionCollection(
138: "admin", domain);
139: HierarchyPermission container = new HierarchyPermission(
140: collection);
141: addContainerToRole("admin", container);
142:
143: //
144: server.execute(new Server.Task() {
145: public void execute() throws Exception {
146: Principal[] principals = new Principal[] { new SimplePrincipal(
147: "admin") };
148: assertTrue(implies(new HierarchyPermission("/foo",
149: "view"), principals));
150: assertFalse(implies(new HierarchyPermission("/foo/bar",
151: "view"), principals));
152: assertFalse(implies(
153: new HierarchyPermission("/", "view"),
154: principals));
155: assertFalse(implies(new HierarchyPermission("/bar",
156: "view"), principals));
157: }
158: });
159: }
160:
161: public void testDomainImpliesThrowingPortalSecurityException()
162: throws Exception {
163: //
164: AuthorizationDomain domain = new HierarchyAuthorizationDomain();
165:
166: //
167: PortalPermissionCollection collection = new JACCPortalPermissionCollection(
168: "admin", domain);
169: DomainImplyFailsPermission container = new DomainImplyFailsPermission(
170: collection, new PortalSecurityException());
171: addContainerToRole("admin", container);
172:
173: //
174: server.execute(new Server.Task() {
175: public void execute() throws Exception {
176: Principal[] principals = new Principal[] { new SimplePrincipal(
177: "admin") };
178: assertFalse(implies(new DomainImplyFailsPermission(
179: "whatever"), principals));
180: }
181: });
182: }
183:
184: public void testDomainImpliesThrowingRuntimeException()
185: throws Exception {
186: //
187: AuthorizationDomain domain = new HierarchyAuthorizationDomain();
188:
189: //
190: PortalPermissionCollection collection = new JACCPortalPermissionCollection(
191: "admin", domain);
192: DomainImplyFailsPermission container = new DomainImplyFailsPermission(
193: collection, new RuntimeException());
194: addContainerToRole("admin", container);
195:
196: //
197: server.execute(new Server.Task() {
198: public void execute() throws Exception {
199: Principal[] principals = new Principal[] { new SimplePrincipal(
200: "admin") };
201: assertFalse(implies(new DomainImplyFailsPermission(
202: "whatever"), principals));
203: }
204: });
205: }
206:
207: public void testDomainImpliesThrowingError() throws Exception {
208: //
209: AuthorizationDomain domain = new HierarchyAuthorizationDomain();
210:
211: //
212: PortalPermissionCollection collection = new JACCPortalPermissionCollection(
213: "admin", domain);
214: DomainImplyFailsPermission container = new DomainImplyFailsPermission(
215: collection, new Error());
216: addContainerToRole("admin", container);
217:
218: //
219: server.execute(new Server.Task() {
220: public void execute() throws Exception {
221: Principal[] principals = new Principal[] { new SimplePrincipal(
222: "admin") };
223: try {
224: implies(new DomainImplyFailsPermission("whatever"),
225: principals);
226: fail("Was expecting an error to be thrown from the security check");
227: } catch (Error expected) {
228: }
229: }
230: });
231: }
232: }
|