001: /*
002: * Licensed to the Apache Software Foundation (ASF) under one or more
003: * contributor license agreements. See the NOTICE file distributed with
004: * this work for additional information regarding copyright ownership.
005: * The ASF licenses this file to You under the Apache License, Version 2.0
006: * (the "License"); you may not use this file except in compliance with
007: * the License. You may obtain a copy of the License at
008: *
009: * http://www.apache.org/licenses/LICENSE-2.0
010: *
011: * Unless required by applicable law or agreed to in writing, software
012: * distributed under the License is distributed on an "AS IS" BASIS,
013: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014: * See the License for the specific language governing permissions and
015: * limitations under the License.
016: */
017: package org.apache.jetspeed.security.spi;
018:
019: import java.security.Permission;
020: import java.security.Permissions;
021: import java.security.Principal;
022:
023: import org.apache.jetspeed.security.PortletPermission;
024: import org.apache.jetspeed.security.impl.RolePrincipalImpl;
025: import org.apache.jetspeed.security.util.test.AbstractSecurityTestcase;
026:
027: import junit.framework.Test;
028: import junit.framework.TestSuite;
029:
030: /**
031: * <p>
032: * Unit testing for {@link RoleSecurityHandler}.
033: * </p>
034: *
035: * @author <a href="mailto:dlestrat@apache.org">David Le Strat </a>
036: */
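public class TestRoleSecurityHandler extends AbstractSecurityTestcase {

    // NOTE(review): rsh, rms, ums, gms and pms are not declared in this class;
    // presumably they are the role security handler and the role / user /
    // group / permission managers provided by AbstractSecurityTestcase.

    /**
     * @see junit.framework.TestCase#setUp()
     */
    protected void setUp() throws Exception {
        super.setUp();
    }

    /**
     * @see junit.framework.TestCase#tearDown()
     */
    public void tearDown() throws Exception {
        super.tearDown();
    }

    /**
     * <p>
     * Constructs the suite.
     * </p>
     *
     * @return The {@link Test} holding every test method of this class.
     */
    public static Test suite() {
        return new TestSuite(TestRoleSecurityHandler.class);
    }

    /**
     * <p>
     * Test <code>getRolePrincipal</code>: a role that was just added must be
     * returned as a non-null principal carrying the same name.
     * </p>
     *
     * @throws Exception if the fixture cannot be created or removed.
     */
    public void testGetRolePrincipal() throws Exception {
        initRole();
        try {
            Principal principal = rsh.getRolePrincipal("testusertorole1");
            assertNotNull(principal);
            assertEquals("testusertorole1", principal.getName());
        } finally {
            // Clean up even when an assertion fails, so a leftover role
            // cannot influence later tests.
            destroyRole();
        }
    }

    /**
     * <p>
     * Test <code>removeRolePrincipal</code>: removing a role must revoke every
     * grant that went through it (user-role, group-role and permission-role
     * mappings) while leaving the user, the group and the permission
     * themselves in place.
     * </p>
     *
     * @throws Exception if the fixture cannot be created or removed.
     */
    public void testRemoveRolePrincipal() throws Exception {
        initMappedRole();
        try {
            rsh.removeRolePrincipal(new RolePrincipalImpl("mappedrole"));
            // The user should still exist.
            assertTrue(ums.userExists("mappedroleuser"));
            // The group should still exist.
            assertTrue(gms.groupExists("mappedgroup"));
            // The permission should still exist.
            assertTrue(pms.permissionExists(new PortletPermission("myportlet", "view")));
            // The user-role mapping should be gone.
            assertFalse(rms.isUserInRole("mappedroleuser", "mappedrole"));
            // The group-role mapping should be gone. The role name is passed
            // here; the previous version passed the user name
            // ("mappedroleuser"), which was never mapped to the group, so the
            // check could not detect a group grant that survived the removal.
            assertFalse(rms.isGroupInRole("mappedgroup", "mappedrole"));
            // The permission-role mapping should be gone: the removed role
            // must no longer imply the permission it was granted.
            Permissions perms = pms.getPermissions(new RolePrincipalImpl("mappedrole"));
            assertFalse(perms.implies(new PortletPermission("myportlet", "view")));
        } finally {
            // Clean up even when an assertion fails.
            destroyMappedRole();
        }
    }

    /**
     * <p>
     * Initialize role test object.
     * </p>
     *
     * @throws Exception if the role cannot be added.
     */
    protected void initRole() throws Exception {
        rms.addRole("testusertorole1");
    }

    /**
     * <p>
     * Destroy role test object.
     * </p>
     *
     * @throws Exception if the role cannot be removed.
     */
    protected void destroyRole() throws Exception {
        rms.removeRole("testusertorole1");
    }

    /**
     * <p>
     * Builds the fixture for the removal test: a user, two roles, a group and
     * a portlet permission, with the permission granted to
     * <code>mappedrole</code> and that role mapped to both the user and the
     * group. Any leftover from a previous run is removed first.
     * </p>
     *
     * @throws Exception if any fixture object cannot be created.
     */
    protected void initMappedRole() throws Exception {
        destroyMappedRole();
        // "password" is a throwaway credential for this test-only account.
        ums.addUser("mappedroleuser", "password");
        rms.addRole("mappedrole");
        // NOTE(review): the dotted name looks like a child role of
        // "mappedrole" - confirm against the role manager's naming rules.
        rms.addRole("mappedrole.role1");
        gms.addGroup("mappedgroup");

        Permission perm = new PortletPermission("myportlet", "view");
        pms.addPermission(perm);
        pms.grantPermission(new RolePrincipalImpl("mappedrole"), perm);

        rms.addRoleToUser("mappedroleuser", "mappedrole");
        rms.addRoleToGroup("mappedrole", "mappedgroup");
    }

    /**
     * <p>
     * Removes whatever part of the mapped-role fixture still exists. Each
     * object is checked before it is removed, so the method can run against a
     * partially built or already cleaned fixture.
     * </p>
     *
     * @throws Exception if an existing fixture object cannot be removed.
     */
    protected void destroyMappedRole() throws Exception {
        if (ums.userExists("mappedroleuser")) {
            ums.removeUser("mappedroleuser");
        }
        // Each guard now tests the role it removes. The previous version
        // checked "mappedrole" before removing "mappedrole.role1" and the
        // other way round, so a role could be removed without having been
        // checked, or left behind although it existed.
        if (rms.roleExists("mappedrole.role1")) {
            rms.removeRole("mappedrole.role1");
        }
        if (rms.roleExists("mappedrole")) {
            rms.removeRole("mappedrole");
        }
        if (gms.groupExists("mappedgroup")) {
            gms.removeGroup("mappedgroup");
        }
        PortletPermission pp = new PortletPermission("myportlet", "view");
        if (pms.permissionExists(pp)) {
            pms.removePermission(pp);
        }
    }
}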