1 28 package net.sf.jguard.core.authorization.permissions; 29 30 import java.util.ArrayList ; 31 import java.util.List ; 32 33 import net.sf.jguard.core.authorization.permissions.URLPermission; 34 35 import junit.framework.TestCase; 36 import junitx.util.PrivateAccessor; 37 38 42 public class URLPermissionTest extends TestCase { 43 private URLPermission url1; 44 private URLPermission url1bis; 45 private URLPermission url2; 46 private URLPermission url3; 47 private URLPermission url4; 48 private URLPermission url5; 49 private URLPermission url8; 50 private URLPermission url9; 51 private URLPermission url10; 52 private URLPermission url11; 53 private URLPermission url12; 54 private URLPermission url13; 55 private URLPermission url13empty; 56 private URLPermission url14; 57 private URLPermission url15; 58 private URLPermission url16; 59 private URLPermission url17; 60 private URLPermission url18; 61 private URLPermission url19; 62 private URLPermission url20; 63 64 private URLPermission url21; 65 private URLPermission url22; 66 private URLPermission url23; 67 private URLPermission url24; 68 private URLPermission url25; 69 private URLPermission url26; 70 private URLPermission url27; 71 private URLPermission url28; 72 private URLPermission url29; 73 private URLPermission url30; 74 private URLPermission url31; 75 private URLPermission url32; 76 77 78 81 protected void setUp() throws Exception { 82 super.setUp(); 83 StringBuffer actions1= new StringBuffer (); 84 actions1.append("http://blabla.com/path1?param1=a¶m2=b"); 85 actions1.append(",,"); 86 actions1.append("description1"); 87 url1 = new URLPermission("url1",actions1.toString()); 88 89 StringBuffer actions1bis= new StringBuffer (); 90 actions1bis.append("http://blabla.com/path1?param1=a¶m2=b"); 91 actions1bis.append(",,"); 92 actions1bis.append("description1"); 93 url1bis = new URLPermission("url1",actions1bis.toString()); 94 95 StringBuffer actions2= new StringBuffer (); 96 actions2.append("http://blabla.com/path1?param1=a¶m2=b"); 97 actions2.append(",,"); 98 actions2.append("description2"); 99 url2 = new URLPermission("url2",actions2.toString()); 100 101 StringBuffer actions3= new StringBuffer (); 102 actions3.append("http://blabla.com/path1"); 103 actions3.append(",,"); 104 actions3.append("description3"); 105 url3 = new URLPermission("url3",actions3.toString()); 106 107 StringBuffer actions4= new StringBuffer (); 108 actions4.append("http://blabla.com/path1"); 109 actions4.append(",,"); 110 actions4.append("description4"); 111 url4 = new URLPermission("url4",actions4.toString()); 112 113 StringBuffer actions5= new StringBuffer (); 114 actions5.append("http://blabla.com/path5?param1=a¶m2=b"); 115 actions5.append(",,"); 116 actions5.append("description5"); 117 url5 = new URLPermission("url5",actions5.toString()); 118 119 StringBuffer actions6= new StringBuffer (); 120 actions6.append("http://blabla.com/path6 blabla"); 121 actions6.append(",,"); 122 actions6.append("description6"); 123 try{ 124 new URLPermission("url6",actions6.toString()); 125 }catch(IllegalArgumentException iae){ 126 System.out.println(" exception is the normal case"); 127 } 128 StringBuffer actions7= new StringBuffer (); 129 actions7.append("http://blabla.com/path7%20blabla"); 130 actions7.append(",,"); 131 actions7.append("description7"); 132 new URLPermission("url7",actions7.toString()); 133 134 StringBuffer actions8= new StringBuffer (); 135 actions8.append("http://blabla.com/testeBotao"); 136 actions8.append(",,"); 137 actions8.append("description8"); 138 url8 = new URLPermission("url8",actions8.toString()); 139 140 StringBuffer actions9= new StringBuffer (); 141 actions9.append("http://blabla.com/testeBotaoxxx"); 142 actions9.append(",,"); 143 actions9.append("description9"); 144 url9 = new URLPermission("url9",actions9.toString()); 145 146 StringBuffer actions10= new StringBuffer (); 147 actions10.append("http://blabla.com/testeBotao*"); 148 actions10.append(",,"); 149 actions10.append("description10"); 150 url10 = new URLPermission("url10",actions10.toString()); 151 152 StringBuffer actions11= new StringBuffer (); 153 actions11.append("http://blabla.com/tes*aoxxx"); 154 actions11.append(",,"); 155 actions11.append("description11"); 156 url11 = new URLPermission("url11",actions11.toString()); 157 158 StringBuffer actions12= new StringBuffer (); 159 actions12.append("/path1?param1=a¶m2=b"); 160 actions12.append(",,"); 161 actions12.append("description12"); 162 url12 = new URLPermission("url12",actions12.toString()); 163 164 StringBuffer actions13= new StringBuffer (); 165 actions13.append("/path1?param1=a¶m2=b"); 166 actions13.append(",,"); 167 actions13.append("description13"); 168 url13 = new URLPermission("url13",actions13.toString()); 169 170 url13empty = new URLPermission("url13"); 171 172 url14 = new URLPermission("url14"); 173 175 176 StringBuffer actions15= new StringBuffer (); 177 actions15.append("/index.html"); 178 actions15.append(",,"); 179 actions15.append("description15"); 180 url15 = new URLPermission("url15",actions15.toString()); 181 182 StringBuffer actions16= new StringBuffer (); 183 actions16.append("/*"); 184 actions16.append(",,"); 185 actions16.append("description16"); 186 url16 = new URLPermission("url16",actions16.toString()); 187 188 StringBuffer actions17= new StringBuffer (); 189 actions17.append("http://blabla.com/path?param1='a'"); 190 actions17.append(",,"); 191 actions17.append(""); 192 url17 = new URLPermission("url17",actions17.toString()); 193 194 StringBuffer actions18= new StringBuffer (); 195 actions18.append("http://blabla.com/path?param1='b'"); 196 actions18.append(",,"); 197 actions18.append(""); 198 url18 = new URLPermission("url18",actions18.toString()); 199 200 StringBuffer actions19= new StringBuffer (); 201 actions19.append("http://blabla.com/*?param1='a'"); 202 actions19.append(",,"); 203 actions19.append(""); 204 url19 = new URLPermission("url19",actions19.toString()); 205 206 StringBuffer actions20= new StringBuffer (); 207 actions20.append("http://blabla.com/path"); 208 actions20.append(",,"); 209 actions20.append(""); 210 url20 = new URLPermission("url20",actions20.toString()); 211 212 StringBuffer actions21= new StringBuffer (); 214 actions21.append("http://blabla.com/path?param1=abc¶m2=b"); 215 actions21.append(",,"); 216 actions21.append(""); 217 url21 = new URLPermission("url21",actions21.toString()); 218 219 StringBuffer actions22= new StringBuffer (); 220 actions22.append("http://blabla.com/path?param1=abc&*"); 221 actions22.append(",,"); 222 actions22.append(""); 223 url22 = new URLPermission("url22",actions22.toString()); 224 225 StringBuffer actions23= new StringBuffer (); 226 actions23.append("http://blabla.com/path?param1=abc¶m2=*"); 227 actions23.append(",,"); 228 actions23.append(""); 229 url23 = new URLPermission("url23",actions23.toString()); 230 231 StringBuffer actions24= new StringBuffer (); 232 actions24.append("http://blabla.com/path?param1=*"); 233 actions24.append(",,"); 234 actions24.append(""); 235 url24 = new URLPermission("url24",actions24.toString()); 236 237 StringBuffer actions25= new StringBuffer (); 238 actions25.append("http://blabla.com/path?param1=a*&*"); 239 actions25.append(",,"); 240 actions25.append(""); 241 url25 = new URLPermission("url25",actions25.toString()); 242 243 StringBuffer actions26= new StringBuffer (); 244 actions26.append("http://blabla.com/path?param1=dce&*"); 245 actions26.append(",,"); 246 actions26.append(""); 247 url26 = new URLPermission("url26",actions26.toString()); 248 249 StringBuffer actions27= new StringBuffer (); 251 actions27.append("http://blabla.com/path?param1=dce¶m2=¶m3=2"); 252 actions27.append(",,"); 253 actions27.append(""); 254 url27 = new URLPermission("url27",actions27.toString()); 255 256 StringBuffer actions28= new StringBuffer (); 257 actions28.append("http://blabla.com/path1?param1=a¶m2=b"); 258 actions28.append(",https,"); 259 actions28.append("description1"); 260 url28 = new URLPermission("url28",actions28.toString()); 261 262 StringBuffer actions29= new StringBuffer (); 263 actions29.append("http://blabla.com/path1?param1=a¶m2=b"); 264 actions29.append(",https"); 265 actions29.append(",GET"); 266 actions29.append(",description1"); 267 url29 = new URLPermission("url29",actions29.toString()); 268 269 270 StringBuffer actions30= new StringBuffer (); 271 actions30.append("http://blabla.com/path1?param1=a¶m2=b"); 272 actions30.append(",https"); 273 actions30.append(",TRACE"); 274 actions30.append(",description1"); 275 url30 = new URLPermission("url30",actions30.toString()); 276 277 278 StringBuffer actions31= new StringBuffer (); 279 actions31.append("http://blabla.com/path1?param1=a¶m2=b"); 280 actions31.append(",https"); 281 actions31.append(",ANY"); 282 actions31.append(",description1"); 283 url31 = new URLPermission("url31",actions31.toString()); 284 285 StringBuffer actions32= new StringBuffer (); 286 actions32.append("http://blabla.com/path1?param1=a¶m2=b"); 287 actions32.append(",https"); 288 actions32.append(",GET"); 289 actions32.append(",description1"); 290 url32 = new URLPermission("url32",actions32.toString()); 291 292 } 293 294 295 298 protected void tearDown() throws Exception { 299 super.tearDown(); 300 } 301 302 306 public URLPermissionTest(String arg0) { 307 super(arg0); 308 } 309 310 311 314 public void testImpliesPermission() { 315 assertTrue(url1.implies(url1)); 318 assertTrue(url1.implies(url2)); 319 assertTrue(url3.implies(url4)); 320 assertTrue(url3.implies(url2)); 321 assertFalse(url2.implies(url3)); 322 assertFalse(url5.implies(url3)); 323 assertFalse(url5.implies(url2)); 324 assertFalse(url8.implies(url9)); 325 assertTrue(url10.implies(url9)); 326 assertTrue(url11.implies(url9)); 327 assertFalse(url1.implies(url12)); 328 assertTrue(url12.implies(url13)); 329 330 assertTrue(url16.implies(url15)); 331 332 assertFalse(url17.implies(url18)); 333 334 assertTrue(url19.implies(url17)); 335 assertFalse(url19.implies(url18)); 336 337 assertTrue(url20.implies(url17)); 338 assertFalse(url17.implies(url20)); 339 340 assertTrue(url22.implies(url21)); 341 assertTrue(url23.implies(url21)); 342 assertFalse(url24.implies(url21)); 343 assertTrue(url25.implies(url21)); 344 assertFalse(url26.implies(url21)); 345 assertTrue(url26.implies(url27)); 346 assertTrue(url28.implies(url29)); 347 assertFalse(url29.implies(url28)); 348 assertFalse(url29.implies(url30)); 349 assertFalse(url30.implies(url31)); 350 assertTrue(url31.implies(url30)); 351 assertTrue(url31.implies(url32)); 352 assertFalse(url32.implies(url31)); 353 } 354 355 358 public void testEquals() { 359 360 assertFalse(url1.equals(url2)); 361 assertTrue(url1.equals(url1bis)); 362 assertTrue(url1bis.equals(url1)); 363 assertFalse(url3.equals(url4)); 364 assertFalse(url13.equals(url13empty)); 365 assertFalse(url14.equals(url13)); 366 assertFalse(url1.equals(url28)); 367 } 368 369 public void testRemoveRegexpFromURI() { 370 List patterns = new ArrayList (); 372 patterns.add("/teest*.do?toto=4&titi=dfgdfg"); 373 patterns.add("/tee*st.do?toto=4&titi=dfgdfg"); 374 patterns.add("/t*eest.do?toto=4&titi=dfgdfg"); 375 patterns.add("/t*ees*t.do?toto=4&titi=dfgdfg"); 376 patterns.add("/t*ees*t.do*?toto=4&titi=dfgdfg"); 377 patterns.add("/t*ees*t.do*?toto=4&titi=dfgdfg"); 378 patterns.add("/teest.do?toto=4&titi=dfgdfg"); 379 System.out.println("******************"); 380 for(int i = 0;i<patterns.size();i++){ 381 String prettyPattern = (String ) patterns.get(i); 382 try { 383 System.out.println("prettyPattern="+prettyPattern); 384 String uri = (String )PrivateAccessor.invoke(new URLPermission("toto"),"removeRegexpFromURI",new Class []{String .class},new Object []{prettyPattern}); 385 System.out.println("uri="+uri); 386 assertFalse(uri.matches("\\*")); 387 } catch (Throwable e) { 388 TestCase.fail(e.getMessage()); 389 } 390 } 391 392 String pattern ="/tee**st.do?toto=4&titi=dfgdfg"; 394 System.out.println("prettyPattern="+pattern); 395 try { 396 String path = (String )PrivateAccessor.invoke(new URLPermission("toto"),"removeRegexpFromURI",new Class []{String .class},new Object []{pattern}); 397 398 399 System.out.println("path="+path); 400 assertTrue(path.equals("/tee*st.do?toto=4&titi=dfgdfg")); 401 } catch (Throwable e) { 402 TestCase.fail(e.getMessage()); 403 } 404 405 String pattern2 ="/tee****st.do?toto=4&titi=dfgdfg"; 407 System.out.println("prettyPattern="+pattern); 408 try { 409 String path = (String )PrivateAccessor.invoke(new URLPermission("toto"),"removeRegexpFromURI",new Class []{String .class},new Object []{pattern2}); 410 411 System.out.println("path="+path); 412 assertTrue(path.equals("/tee**st.do?toto=4&titi=dfgdfg")); 413 } catch (Throwable e) { 414 TestCase.fail(e.getMessage()); 415 } 416 417 418 419 } 420 421 422 } 423 | Popular Tags |