1 package org.apache.turbine.services.security;
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22 import junit.framework.Test;
23 import junit.framework.TestSuite;
24
25 import org.apache.turbine.om.security.Permission;
26 import org.apache.turbine.om.security.Role;
27 import org.apache.turbine.test.BaseTurbineHsqlTest;
28 import org.apache.turbine.util.security.DataBackendException;
29 import org.apache.turbine.util.security.EntityExistsException;
30 import org.apache.turbine.util.security.PermissionSet;
31 import org.apache.turbine.util.security.UnknownEntityException;
32
33 public class TestSecurityPermission
34 extends BaseTurbineHsqlTest
35 {
36 public TestSecurityPermission(String name)
37 throws Exception
38 {
39 super(name, "conf/test/TurbineResources.properties");
40 }
41
42 public static Test suite()
43 {
44 return new TestSuite(TestSecurityPermission.class);
45 }
46
47 public void testInit()
48 {
49 SecurityService ss = TurbineSecurity.getService();
50 assertTrue("Service failed to initialize", ss.getInit());
51 }
52
53 public void testPermissionByName()
54 throws Exception
55 {
56 SecurityService ss = TurbineSecurity.getService();
57
58 Permission permission = ss.getPermissionByName("Login");
59 assertNotNull(permission);
60 assertEquals(permission.getName(), "Login");
61 }
62
63 public void testPermissionById()
64 throws Exception
65 {
66 SecurityService ss = TurbineSecurity.getService();
67
68 Permission permission = ss.getPermissionById(2);
69 assertNotNull(permission);
70 assertEquals(permission.getName(), "Application");
71 }
72
73 public void testAllPermissions()
74 throws Exception
75 {
76 SecurityService ss = TurbineSecurity.getService();
77
78 PermissionSet gs = ss.getAllPermissions();
79
80 assertEquals(3, gs.size());
81 }
82
83 public void testAddPermission()
84 throws Exception
85 {
86 SecurityService ss = TurbineSecurity.getService();
87
88 Permission newbie = ss.getPermissionInstance();
89 newbie.setName("newbie");
90
91 ss.addPermission(newbie);
92
93 assertEquals("Permission was not added", 4, ss.getAllPermissions().size());
94
95 try
96 {
97 Permission application = ss.getPermissionByName("Application");
98
99 ss.addPermission(application);
100 fail("Existing Permission could be added!");
101 }
102 catch (Exception e)
103 {
104 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), EntityExistsException.class, e.getClass());
105 }
106
107 try
108 {
109 Permission empty = ss.getPermissionInstance();
110
111 ss.addPermission(empty);
112 fail("Permission with empty Permissionname could be added!");
113 }
114 catch (Exception e)
115 {
116 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), DataBackendException.class, e.getClass());
117 }
118
119 assertEquals("Permission was not added", 4, ss.getAllPermissions().size());
120 }
121
122 public void testRemovePermission()
123 throws Exception
124 {
125 SecurityService ss = TurbineSecurity.getService();
126
127 assertEquals("Permission was not added", 4, ss.getAllPermissions().size());
128
129 Permission newbie = ss.getPermissionByName("newbie");
130 assertNotNull(newbie);
131
132 ss.removePermission(newbie);
133
134 try
135 {
136 Permission foo = ss.getPermissionInstance();
137 foo.setName("foo");
138
139 ss.removePermission(foo);
140 fail("Non Existing Permission could be deleted!");
141 }
142 catch (Exception e)
143 {
144 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), e.getClass(), UnknownEntityException.class);
145 }
146
147 assertEquals("Permission was not removed", 3, ss.getAllPermissions().size());
148 }
149
150 public void testGrantPermission()
151 throws Exception
152 {
153 SecurityService ss = TurbineSecurity.getService();
154
155 Role admin = ss.getRoleByName("Admin");
156 assertNotNull(admin);
157
158 Permission app = ss.getPermissionByName("Application");
159 assertNotNull(app);
160
161 PermissionSet ps = admin.getPermissions();
162 assertFalse(ps.contains(app));
163
164 ss.grant(admin, app);
165
166 Role admin2 = ss.getRoleByName("Admin");
167 assertNotNull(admin2);
168
169 PermissionSet ps2 = admin2.getPermissions();
170 assertTrue(ps2.contains(app));
171
172
173 assertFalse(ps.contains(app));
174
175 try
176 {
177 ss.grant(admin2, app);
178 fail("Permission could be granted twice!");
179 }
180 catch (Exception e)
181 {
182
183
184
185
186 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), DataBackendException.class, e.getClass());
187 }
188
189 try
190 {
191 Permission unknown = ss.getPermissionInstance("unknown");
192
193 ss.grant(admin, unknown);
194 fail("Nonexisting Permission could be granted!");
195 }
196 catch (Exception e)
197 {
198 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), UnknownEntityException.class, e.getClass());
199 }
200
201 }
202
203 public void testRevokePermission()
204 throws Exception
205 {
206 SecurityService ss = TurbineSecurity.getService();
207
208 Role admin = ss.getRoleByName("Admin");
209 assertNotNull(admin);
210
211 Permission app = ss.getPermissionByName("Application");
212 assertNotNull(app);
213
214 PermissionSet ps = admin.getPermissions();
215 assertTrue(ps.contains(app));
216
217 ss.revoke(admin, app);
218
219 Role admin2 = ss.getRoleByName("Admin");
220 assertNotNull(admin2);
221
222 PermissionSet ps2 = admin2.getPermissions();
223 assertFalse(ps2.contains(app));
224
225
226 assertTrue(ps.contains(app));
227
228 try
229 {
230 Permission unknown = ss.getPermissionInstance("unknown");
231 ss.revoke(admin, unknown);
232 fail("Nonexisting Permission could be revoked!");
233 }
234 catch (Exception e)
235 {
236 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), UnknownEntityException.class, e.getClass());
237 }
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265 }
266
267 public void testRevokeAll()
268 throws Exception
269 {
270 SecurityService ss = TurbineSecurity.getService();
271
272 Role user = ss.getRoleByName("User");
273 assertNotNull(user);
274
275 PermissionSet ps = user.getPermissions();
276 assertEquals(2, ps.size());
277
278 ss.revokeAll(user);
279
280 Role user2 = ss.getRoleByName("User");
281 assertNotNull(user2);
282
283 PermissionSet ps2 = user2.getPermissions();
284 assertEquals(0, ps2.size());
285 }
286
287 public void testSavePermission()
288 throws Exception
289 {
290 SecurityService ss = TurbineSecurity.getService();
291
292 Permission application = ss.getPermissionByName("Application");
293
294 ss.savePermission(application);
295
296 try
297 {
298 Permission fake = ss.getPermissionInstance("fake");
299
300 ss.savePermission(fake);
301 fail("Non Existing Permission could be saved!");
302 }
303 catch (Exception e)
304 {
305 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), e.getClass(), UnknownEntityException.class);
306 }
307 }
308
309 public void testRenamePermission()
310 throws Exception
311 {
312 SecurityService ss = TurbineSecurity.getService();
313
314 Permission newbie = ss.getPermissionInstance("newbie");
315 ss.addPermission(newbie);
316
317 Permission test = ss.getPermissionByName("newbie");
318 assertNotNull(test);
319
320 ss.renamePermission(test, "fake");
321
322 Permission fake = ss.getPermissionByName("fake");
323 assertNotNull(fake);
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344 }
345 }