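package net.sf.jguard.core.authorization.permissions;

import java.io.FilePermission;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Principal;
import java.security.ProtectionDomain;
import java.util.Enumeration;
import java.util.logging.Level;
import java.util.logging.Logger;

import javax.security.auth.Subject;

import junit.framework.TestCase;
import net.sf.jguard.core.authentication.credentials.JGuardCredential;
import net.sf.jguard.core.authorization.permissions.PermissionUtils;
import net.sf.jguard.core.authorization.permissions.URLPermission;
import net.sf.jguard.core.principals.UserPrincipal;

/**
 * Tests for {@link PermissionUtils#evaluatePermissionCollection}, which is given a
 * {@link ProtectionDomain} carrying a {@link UserPrincipal} and a collection of permissions
 * whose names contain <code>${subject.publicCredentials.&lt;id&gt;}</code> placeholders.
 *
 * <p>The expectations below pin three properties of the resolution step:
 * <ul>
 *   <li>a placeholder is replaced by the value of the public credential with that id;</li>
 *   <li>a permission whose placeholder has no matching credential is expected to be absent
 *       from the result (it must not survive with the placeholder text intact);</li>
 *   <li>when several credentials share an id, one permission per combination of values is
 *       expected.</li>
 * </ul>
 *
 * <p>NOTE(review): every credential value used here is a plain token. No case covers values
 * containing '/', '..' or the characters FilePermission treats as wildcards ('*', '-'), even
 * though the values become part of the permission name. Worth a dedicated test.
 */
public class PermissionUtilsTest extends TestCase {

    private static final Logger logger = Logger.getLogger(PermissionUtilsTest.class.getName());

    /**
     * Single-valued credentials: each placeholder resolves to exactly one value, and the
     * permission referencing the missing <code>age</code> credential is expected to be dropped.
     */
    public void testEvaluatePermissionCollection() throws Throwable {
        // Static calls: presumably global state shared with other tests -- confirm.
        PermissionUtils.setCachesEnabled(true);
        PermissionUtils.createCaches();

        Subject subjectA = new Subject();
        subjectA.getPublicCredentials().add(credential("name", "userA"));
        subjectA.getPublicCredentials().add(credential("company", "companyA"));

        if (logger.isLoggable(Level.FINEST)) {
            logger.finest("---- logging subject ----");
            logger.finest(subjectA.toString());
        }

        UserPrincipal userPrincipal = new UserPrincipal(subjectA);
        ProtectionDomain protectionDomain =
                new ProtectionDomain(null, new Permissions(), null, new Principal[] {userPrincipal});

        PermissionCollection pc = new Permissions();
        pc.add(new FilePermission("file://home", "read"));
        pc.add(new FilePermission("file://home/user/${subject.publicCredentials.name}", "read"));
        pc.add(new FilePermission("file://home/user/${subject.publicCredentials.company}", "read"));
        pc.add(new FilePermission("file://home/user/${subject.publicCredentials.name}/"
                + "${subject.publicCredentials.company}/${subject.publicCredentials.name}/"
                + "${subject.publicCredentials.name}/${subject.publicCredentials.company}", "read"));
        // The subject has no "age" credential. There is no expected counterpart for this
        // permission and the count below is 6 of 7, so it must not appear in the result.
        pc.add(new FilePermission("file://home/user/${subject.publicCredentials.age}", "read"));
        pc.add(new URLPermission("index",
                "http://www.website.com/index.html?name=${subject.publicCredentials.name}"));
        // NOTE(review): the host below contains a character that did not survive encoding;
        // presumably this case exercises a non-ASCII URL -- confirm against the original file.
        pc.add(new URLPermission("index2",
                "http://www.web�site.com/index.html?name=${subject.publicCredentials.name}"));

        logPermissions("---- logging unresolved permissions ----", pc);

        PermissionCollection expectedPc = new Permissions();
        expectedPc.add(new FilePermission("file://home", "read"));
        expectedPc.add(new FilePermission("file://home/user/userA", "read"));
        expectedPc.add(new FilePermission("file://home/user/companyA", "read"));
        expectedPc.add(new FilePermission("file://home/user/userA/companyA/userA/userA/companyA", "read"));
        expectedPc.add(new URLPermission("index", "http://www.website.com/index.html?name=userA"));
        expectedPc.add(new URLPermission("index2", "http://www.web�site.com/index.html?name=userA"));

        PermissionCollection resolvedPc =
                PermissionUtils.evaluatePermissionCollection(protectionDomain, pc);

        logPermissions("---- logging expected permissions ----", expectedPc);
        logger.finest("---- logging resolved permissions ----");

        assertResolvedWithin(expectedPc, resolvedPc, 6);
        System.out.println("END EVALUATE PERMISSION TEST");
    }

    /**
     * Multi-valued credentials: two <code>name</code> and two <code>company</code> values plus
     * one <code>age</code>. One resolved permission is expected per combination of values, and
     * a placeholder that occurs twice in one name is expanded independently at each occurrence
     * (companyA/companyB is among the expected results).
     *
     * <p>Every combination is a separate grant, so the number of permissions grows
     * multiplicatively with the number of values per credential id: 1 + 2 + 2 + 4 + 4 + 4 = 17.
     */
    public void testEvaluateCombinativePermissionCollection() throws Throwable {
        // Static calls: presumably global state shared with other tests -- confirm.
        PermissionUtils.setCachesEnabled(true);
        PermissionUtils.createCaches();

        Subject subject = new Subject();
        subject.getPublicCredentials().add(credential("name", "userA"));
        subject.getPublicCredentials().add(credential("name", "userB"));
        subject.getPublicCredentials().add(credential("company", "companyA"));
        subject.getPublicCredentials().add(credential("company", "companyB"));
        subject.getPublicCredentials().add(credential("age", "100"));

        if (logger.isLoggable(Level.FINEST)) {
            logger.finest("---- logging subject ----");
            logger.finest(subject.toString());
        }

        UserPrincipal userPrincipal = new UserPrincipal(subject);
        ProtectionDomain protectionDomain =
                new ProtectionDomain(null, new Permissions(), null, new Principal[] {userPrincipal});

        PermissionCollection pc = new Permissions();
        pc.add(new FilePermission("file://home", "read"));
        pc.add(new FilePermission("file://home/user/${subject.publicCredentials.name}", "read"));
        pc.add(new FilePermission("file://home/user/${subject.publicCredentials.company}", "read"));
        pc.add(new FilePermission("file://home/user/${subject.publicCredentials.name}/"
                + "${subject.publicCredentials.company}/${subject.publicCredentials.age}", "read"));
        pc.add(new FilePermission(
                "file://home/user/${subject.publicCredentials.company}/${subject.publicCredentials.company}",
                "read"));
        pc.add(new URLPermission("index",
                "http://www.website.com/index.html?name=${subject.publicCredentials.name}&company=${subject.publicCredentials.company}&age=${subject.publicCredentials.age}"));

        logPermissions("---- logging unresolved permissions ----", pc);

        PermissionCollection expectedPc = new Permissions();
        expectedPc.add(new FilePermission("file://home", "read"));
        // name -> userA | userB
        expectedPc.add(new FilePermission("file://home/user/userA", "read"));
        expectedPc.add(new FilePermission("file://home/user/userB", "read"));
        // company -> companyA | companyB
        expectedPc.add(new FilePermission("file://home/user/companyA", "read"));
        expectedPc.add(new FilePermission("file://home/user/companyB", "read"));
        // name x company x age
        expectedPc.add(new FilePermission("file://home/user/userA/companyA/100", "read"));
        expectedPc.add(new FilePermission("file://home/user/userA/companyB/100", "read"));
        expectedPc.add(new FilePermission("file://home/user/userB/companyA/100", "read"));
        expectedPc.add(new FilePermission("file://home/user/userB/companyB/100", "read"));
        // company x company: both occurrences vary independently
        expectedPc.add(new FilePermission("file://home/user/companyA/companyA", "read"));
        expectedPc.add(new FilePermission("file://home/user/companyA/companyB", "read"));
        expectedPc.add(new FilePermission("file://home/user/companyB/companyA", "read"));
        expectedPc.add(new FilePermission("file://home/user/companyB/companyB", "read"));
        // name x company x age inside a URL query string
        expectedPc.add(new URLPermission("index",
                "http://www.website.com/index.html?name=userA&company=companyA&age=100"));
        expectedPc.add(new URLPermission("index",
                "http://www.website.com/index.html?name=userA&company=companyB&age=100"));
        expectedPc.add(new URLPermission("index",
                "http://www.website.com/index.html?name=userB&company=companyA&age=100"));
        expectedPc.add(new URLPermission("index",
                "http://www.website.com/index.html?name=userB&company=companyB&age=100"));

        PermissionCollection resolvedPc =
                PermissionUtils.evaluatePermissionCollection(protectionDomain, pc);

        logPermissions("---- logging expected permissions ----", expectedPc);
        logger.finest("---- logging resolved permissions ----");

        assertResolvedWithin(expectedPc, resolvedPc, 17);
        System.out.println("END EVALUATE COMBINATIVE PERMISSION TEST");
    }

    /** Builds a credential with the given id and value. */
    private static JGuardCredential credential(String id, String value) {
        JGuardCredential credential = new JGuardCredential();
        credential.setId(id);
        credential.setValue(value);
        return credential;
    }

    /** Logs a header followed by every permission of the collection, at FINEST only. */
    private static void logPermissions(String header, PermissionCollection permissions) {
        if (!logger.isLoggable(Level.FINEST)) {
            return;
        }
        logger.finest(header);
        Enumeration permEnum = permissions.elements();
        while (permEnum.hasMoreElements()) {
            logger.finest(permEnum.nextElement().toString());
        }
    }

    /**
     * Asserts that every resolved permission is implied by the expected collection and that
     * the resolved collection enumerates exactly <code>expectedCount</code> permissions.
     *
     * <p>The implies check guards against over-granting: nothing outside the expected set may
     * come out of the resolution. Completeness is covered by the count alone, so a result
     * holding a duplicate in place of a missing permission would still pass.
     * NOTE(review): consider also asserting that the resolved collection implies each expected
     * permission, once the implies semantics of URLPermission are confirmed.
     */
    private static void assertResolvedWithin(PermissionCollection expectedPc,
            PermissionCollection resolvedPc, int expectedCount) {
        // Report a null result as a test failure rather than a NullPointerException.
        assertNotNull("evaluatePermissionCollection returned null", resolvedPc);

        int collectionSize = 0;
        Enumeration permEnum = resolvedPc.elements();
        while (permEnum.hasMoreElements()) {
            Permission resolvedPerm = (Permission) permEnum.nextElement();
            logger.finest("verify implies for " + resolvedPerm.toString());
            System.out.println("verify implies for " + resolvedPerm.toString());
            assertTrue("resolved permission is not implied by the expected set: " + resolvedPerm,
                    expectedPc.implies(resolvedPerm));
            collectionSize++;
        }
        assertEquals("number of resolved permissions", expectedCount, collectionSize);
    }

}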