1 package org.apache.turbine.services.security;
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22 import junit.framework.Test;
23 import junit.framework.TestSuite;
24
25 import org.apache.turbine.om.security.Group;
26 import org.apache.turbine.om.security.Role;
27 import org.apache.turbine.om.security.User;
28 import org.apache.turbine.test.BaseTurbineHsqlTest;
29 import org.apache.turbine.util.security.AccessControlList;
30 import org.apache.turbine.util.security.DataBackendException;
31 import org.apache.turbine.util.security.EntityExistsException;
32 import org.apache.turbine.util.security.PermissionSet;
33 import org.apache.turbine.util.security.RoleSet;
34 import org.apache.turbine.util.security.UnknownEntityException;
35
36 public class TestSecurityRole
37 extends BaseTurbineHsqlTest
38 {
39 public TestSecurityRole(String name)
40 throws Exception
41 {
42 super(name, "conf/test/TurbineResources.properties");
43 }
44
45 public static Test suite()
46 {
47 return new TestSuite(TestSecurityRole.class);
48 }
49
50 public void testInit()
51 {
52 SecurityService ss = TurbineSecurity.getService();
53 assertTrue("Service failed to initialize", ss.getInit());
54 }
55
56 public void testRoleByName()
57 throws Exception
58 {
59 SecurityService ss = TurbineSecurity.getService();
60
61 Role role = ss.getRoleByName("User");
62 assertNotNull(role);
63 assertEquals(role.getName(), "User");
64 }
65
66 public void testRoleById()
67 throws Exception
68 {
69 SecurityService ss = TurbineSecurity.getService();
70
71 Role role = ss.getRoleById(2);
72 assertNotNull(role);
73 assertEquals(role.getName(), "Admin");
74 }
75
76 public void testRolePermissions()
77 throws Exception
78 {
79 SecurityService ss = TurbineSecurity.getService();
80
81 Role role = ss.getRoleByName("User");
82 assertNotNull(role);
83
84 PermissionSet ps = ss.getPermissions(role);
85
86 assertEquals(2, ps.size());
87 }
88
89 public void testAllRoles()
90 throws Exception
91 {
92 SecurityService ss = TurbineSecurity.getService();
93
94 RoleSet gs = ss.getAllRoles();
95
96 assertEquals(2, gs.size());
97 }
98
99
100 public void testAddRole()
101 throws Exception
102 {
103 SecurityService ss = TurbineSecurity.getService();
104
105 Role newbie = ss.getRoleInstance();
106 newbie.setName("newbie");
107
108 ss.addRole(newbie);
109
110 assertEquals("Role was not added", 3, ss.getAllRoles().size());
111
112 try
113 {
114 Role user = ss.getRoleByName("User");
115
116 ss.addRole(user);
117 fail("Existing Role could be added!");
118 }
119 catch (Exception e)
120 {
121 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), EntityExistsException.class, e.getClass());
122 }
123
124 try
125 {
126 Role empty = ss.getRoleInstance();
127
128 ss.addRole(empty);
129 fail("Role with empty Rolename could be added!");
130 }
131 catch (Exception e)
132 {
133 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), DataBackendException.class, e.getClass());
134 }
135
136 assertEquals("Role was not added", 3, ss.getAllRoles().size());
137 }
138
139 public void testRemoveRole()
140 throws Exception
141 {
142 SecurityService ss = TurbineSecurity.getService();
143
144 assertEquals("Role was not added", 3, ss.getAllRoles().size());
145
146 Role newbie = ss.getRoleByName("newbie");
147 assertNotNull(newbie);
148
149 ss.removeRole(newbie);
150
151 try
152 {
153 Role foo = ss.getRoleInstance();
154 foo.setName("foo");
155
156 ss.removeRole(foo);
157 fail("Non Existing Role could be deleted!");
158 }
159 catch (Exception e)
160 {
161 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), e.getClass(), UnknownEntityException.class);
162 }
163
164 assertEquals("Role was not removed", 2, ss.getAllRoles().size());
165 }
166
167 public void testGrantRole()
168 throws Exception
169 {
170 SecurityService ss = TurbineSecurity.getService();
171
172 User admin = ss.getUser("admin");
173 assertNotNull(admin);
174
175 Group global = ss.getGroupByName("global");
176 assertNotNull(global);
177
178 Role app = ss.getRoleByName("User");
179 assertNotNull(app);
180
181 AccessControlList acl = ss.getACL(admin);
182 assertFalse(acl.hasRole(app, global));
183
184 ss.grant(admin, global, app);
185
186 AccessControlList acl2 = ss.getACL(admin);
187 assertTrue(acl2.hasRole(app, global));
188
189
190 assertFalse(acl.hasRole(app, global));
191
192 try
193 {
194 ss.grant(admin, global, app);
195 fail("Role could be granted twice!");
196 }
197 catch (Exception e)
198 {
199
200
201
202
203 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), DataBackendException.class, e.getClass());
204 }
205
206 try
207 {
208 Role unknown = ss.getRoleInstance("unknown");
209
210 ss.grant(admin, global, unknown);
211 fail("Nonexisting Role could be granted!");
212 }
213 catch (Exception e)
214 {
215 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), UnknownEntityException.class, e.getClass());
216 }
217
218 try
219 {
220 Group unknown = ss.getGroupInstance("unknown");
221
222 ss.grant(admin, unknown, app);
223 fail("Role in non existing group could be granted!");
224 }
225 catch (Exception e)
226 {
227 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), UnknownEntityException.class, e.getClass());
228 }
229 }
230
231 public void testRevokeRole()
232 throws Exception
233 {
234 SecurityService ss = TurbineSecurity.getService();
235
236 User admin = ss.getUser("admin");
237 assertNotNull(admin);
238
239 Group global = ss.getGroupByName("global");
240 assertNotNull(global);
241
242 Role app = ss.getRoleByName("User");
243 assertNotNull(app);
244
245 AccessControlList acl = ss.getACL(admin);
246 assertTrue(acl.hasRole(app, global));
247
248 ss.revoke(admin, global, app);
249
250 AccessControlList acl2 = ss.getACL(admin);
251 assertFalse(acl2.hasRole(app, global));
252
253
254 assertTrue(acl.hasRole(app, global));
255
256 try
257 {
258 Role unknown = ss.getRoleInstance("unknown");
259 ss.revoke(admin, global, unknown);
260 fail("Nonexisting Role could be revoked!");
261 }
262 catch (Exception e)
263 {
264 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), UnknownEntityException.class, e.getClass());
265 }
266
267 try
268 {
269 Group unknown = ss.getGroupInstance("unknown");
270 ss.revoke(admin, unknown, app);
271 fail("Role in non existing group could be revoked!");
272 }
273 catch (Exception e)
274 {
275 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), UnknownEntityException.class, e.getClass());
276
277 }
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315 }
316
317 public void testRevokeAll()
318 throws Exception
319 {
320 SecurityService ss = TurbineSecurity.getService();
321
322 User admin = ss.getUser("admin");
323 assertNotNull(admin);
324
325 Group turbine = ss.getGroupByName("Turbine");
326 assertNotNull(turbine);
327
328 AccessControlList acl = ss.getACL(admin);
329 assertEquals(1, acl.getRoles(turbine).size());
330
331 ss.revokeAll(admin);
332
333 AccessControlList acl2 = ss.getACL(admin);
334 assertEquals(0, acl2.getRoles(turbine).size());
335 }
336
337 public void testSaveRole()
338 throws Exception
339 {
340 SecurityService ss = TurbineSecurity.getService();
341
342 Role admin = ss.getRoleByName("Admin");
343
344 ss.saveRole(admin);
345
346 try
347 {
348 Role fake = ss.getRoleInstance("fake");
349
350 ss.saveRole(fake);
351 fail("Non Existing Role could be saved!");
352 }
353 catch (Exception e)
354 {
355 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), e.getClass(), UnknownEntityException.class);
356 }
357 }
358
359 public void testRenameRole()
360 throws Exception
361 {
362 SecurityService ss = TurbineSecurity.getService();
363
364 Role newbie = ss.getRoleInstance("newbie");
365 ss.addRole(newbie);
366
367 Role test = ss.getRoleByName("newbie");
368 assertNotNull(test);
369
370 ss.renameRole(test, "fake");
371
372 Role fake = ss.getRoleByName("fake");
373 assertNotNull(fake);
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394 }
395 }