KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > org > apache > jetspeed > services > security > turbine > TestAccessController


1 /*
2  * Copyright 2000-2001,2004 The Apache Software Foundation.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16
17 package org.apache.jetspeed.services.security.turbine;
18
19
20 // Jetspeed imports
21 import org.apache.jetspeed.test.JetspeedTestCase;
22 import org.apache.jetspeed.om.profile.Entry;
23 import org.apache.jetspeed.om.profile.psml.PsmlEntry;
24 import org.apache.jetspeed.om.security.JetspeedUser;
25 import org.apache.jetspeed.om.registry.base.BaseSecurity;
26 import org.apache.jetspeed.om.registry.base.BasePortletEntry;
27 import org.apache.jetspeed.om.registry.base.BaseParameter;
28 import org.apache.jetspeed.om.registry.Parameter;
29 import org.apache.jetspeed.om.registry.PortletEntry;
30 import org.apache.jetspeed.om.registry.Security;
31
32 import org.apache.jetspeed.services.JetspeedSecurity;
33 import org.apache.jetspeed.services.JetspeedPortalAccessController;
34 import org.apache.jetspeed.services.resources.JetspeedResources;
35 import org.apache.jetspeed.services.security.PortalResource;
36
37 // Turbine imports
38 import org.apache.turbine.util.TurbineConfig;
39 import org.apache.turbine.util.StringUtils;
40
41 // Junit imports
42 import junit.awtui.TestRunner;
43 import junit.framework.Test;
44 import junit.framework.TestSuite;
45
46 /**
47  * TestAccessController
48  *
49  * @author <a HREF="paulsp@apache.org">Paul Spencer</a>
50  * @version $Id: TestAccessController.java,v 1.1 2004/04/07 22:02:42 jford Exp $
51  */
52 public class TestAccessController extends JetspeedTestCase
53 {
54     private static String JavaDoc ADMIN_PORTLET = "GlobalAdminPortlet"; // Portlet accessable by Admin user, role = admin
55 private static String JavaDoc ALL_PORTLET = "HelloVelocity"; // Portlet accessable by Anonymous user
56 private static String JavaDoc TEST_GROUP = "Jetspeed";
57     private static String JavaDoc TEST_SECURITY_PAGE = "SecurityTest";
58     private static String JavaDoc USER_PORTLET = "SkinBrowser"; // Portlet accessable by general user, role = user
59
60     /**
61      * Defines the testcase name for JUnit.
62      *
63      * @param name the testcase's name.
64      */
65     public TestAccessController( String JavaDoc name )
66     {
67         super( name );
68     }
69     
70     /**
71      * Start the tests.
72      *
73      * @param args the arguments. Not used
74      */
75     public static void main(String JavaDoc args[])
76     {
77         TestRunner.main( new String JavaDoc[]
78         { TestAccessController.class.getName() } );
79     }
80     
81     public void setup()
82     {
83         System.out.println("Setup: Testing categories of Profiler Service");
84     }
85     /**
86      * Creates the test suite.
87      *
88      * @return a test suite (<code>TestSuite</code>) that includes all methods
89      * starting with "test"
90      */
91     public static Test suite()
92     {
93         // All methods starting with "test" will be executed in the test suite.
94 return new TestSuite( TestAccessController.class );
95     }
96     
97     public void testVerifyEnvironment() throws Exception JavaDoc
98     {
99         assertEquals( "Using TurbineAccessController",
100         "org.apache.jetspeed.services.security.turbine.TurbineAccessController",
101         JetspeedResources.getString("services.PortalAccessController.classname"));
102         
103         assertNotNull( "Getting admin user", JetspeedSecurity.getUser("admin"));
104         assertNotNull( "Getting turbine user", JetspeedSecurity.getUser("turbine"));
105         assertNotNull( "Getting anonymous user", JetspeedSecurity.getAnonymousUser());
106     }
107         
108     public void testRequiredActions() throws Exception JavaDoc
109     {
110         JetspeedUser adminUser = (JetspeedUser) JetspeedSecurity.getUser("admin");
111         assertNotNull( "Getting admin user", adminUser);
112         adminUser.setHasLoggedIn(Boolean.TRUE);
113         
114         JetspeedUser turbineUser = (JetspeedUser) JetspeedSecurity.getUser("turbine");
115         assertNotNull( "Getting turbine user", turbineUser);
116         turbineUser.setHasLoggedIn(Boolean.TRUE);
117         
118         JetspeedUser anonymousUser = (JetspeedUser) JetspeedSecurity.getAnonymousUser();
119         assertNotNull( "Getting anonymous user", anonymousUser);
120         Entry adminEntry = createEntry( ADMIN_PORTLET, "ST_01.admin");
121         Entry userEntry = createEntry(USER_PORTLET, "ST_01.user");
122         Entry allEntry = createEntry(ALL_PORTLET, "ST_01.all");
123         
124         assertEquals( "Admin user has view access to " + ADMIN_PORTLET, true, JetspeedPortalAccessController.checkPermission( adminUser, adminEntry, "view"));
125 // assertEquals( "Turbine user DOES NOT have view access to " + ADMIN_PORTLET, false, JetspeedPortalAccessController.checkPermission( turbineUser, adminEntry, "view"));
126
127 // assertEquals( "Anonymous user DOES NOT have view access to " + ADMIN_PORTLET, false, JetspeedPortalAccessController.checkPermission( anonymousUser, adminEntry, "view"));
128 // assertEquals( "null user DOES NOT have view access to " + ADMIN_PORTLET, false, JetspeedPortalAccessController.checkPermission( (JetspeedUser) null, adminEntry, "view"));
129
130         assertEquals( "Admin user has view access to " + USER_PORTLET, true, JetspeedPortalAccessController.checkPermission( adminUser, userEntry, "view"));
131         assertEquals( "Turbine user has view access to " + USER_PORTLET, true, JetspeedPortalAccessController.checkPermission( turbineUser, userEntry, "view"));
132  // assertEquals( "Anonymous user DOES NOT have view access to " + USER_PORTLET, false, JetspeedPortalAccessController.checkPermission( anonymousUser, userEntry, "view"));
133 // assertEquals( "null user DOES NOT have view access to " + USER_PORTLET, false, JetspeedPortalAccessController.checkPermission( (JetspeedUser) null, userEntry, "view"));
134
135         assertEquals( "Admin user has view access to " + ALL_PORTLET, true, JetspeedPortalAccessController.checkPermission( adminUser, allEntry, "view"));
136         assertEquals( "Turbine user has view access to " + ALL_PORTLET, true, JetspeedPortalAccessController.checkPermission( turbineUser, allEntry, "view"));
137         assertEquals( "Anonymous user has view access to " + ALL_PORTLET, true, JetspeedPortalAccessController.checkPermission( anonymousUser, allEntry, "view"));
138         assertEquals( "null user has view access to " + ALL_PORTLET, true, JetspeedPortalAccessController.checkPermission( (JetspeedUser) null, allEntry, "view"));
139     }
140
141     public void testRegistryActions() throws Exception JavaDoc
142     {
143         JetspeedUser adminUser = (JetspeedUser) JetspeedSecurity.getUser("admin");
144         assertNotNull( "Getting admin user", adminUser);
145         adminUser.setHasLoggedIn(Boolean.TRUE);
146         
147         JetspeedUser turbineUser = (JetspeedUser) JetspeedSecurity.getUser("turbine");
148         assertNotNull( "Getting turbine user", turbineUser);
149         turbineUser.setHasLoggedIn(Boolean.TRUE);
150         
151         JetspeedUser anonymousUser = (JetspeedUser) JetspeedSecurity.getAnonymousUser();
152         assertNotNull( "Getting anonymous user", anonymousUser);
153         // Create security objects
154 Security adminSecurity = new BaseSecurity("admin");
155         assertNotNull( "Have admin security", adminSecurity);
156         Security userSecurity = new BaseSecurity("user");
157         assertNotNull( "Have user security", userSecurity);
158
159         PortletEntry userPortletEntry = new BasePortletEntry();
160         assertNotNull( "Have userPortletEntry", userPortletEntry);
161         userPortletEntry.setName( USER_PORTLET);
162         userPortletEntry.setSecurity( userSecurity);
163         Parameter adminParam = new BaseParameter();
164         assertNotNull( "Have adminParameter", adminParam);
165         adminParam.setName("AdminParam");
166         adminParam.setValue("adminValue");
167         adminParam.setSecurity(adminSecurity);
168         userPortletEntry.addParameter(adminParam);
169
170         Parameter userParam = new BaseParameter();
171         assertNotNull( "Have userParameter", userParam);
172         userParam.setName("UserParam");
173         userParam.setValue("userValue");
174         userParam.setSecurity(userSecurity);
175         userPortletEntry.addParameter(userParam);
176         assertEquals( "Admin user customize access to admin parameter", true, JetspeedPortalAccessController.checkPermission( adminUser, new PortalResource( userPortletEntry, adminParam), JetspeedSecurity.PERMISSION_CUSTOMIZE));
177         assertEquals( "Turbine user customize access to admin parameter", false, JetspeedPortalAccessController.checkPermission( turbineUser, new PortalResource( userPortletEntry, adminParam), JetspeedSecurity.PERMISSION_CUSTOMIZE));
178         assertEquals( "Admin user customize access to admin parameter", true, JetspeedPortalAccessController.checkPermission( adminUser, new PortalResource( userPortletEntry, userParam), JetspeedSecurity.PERMISSION_CUSTOMIZE));
179         assertEquals( "Turbine user customize access to admin parameter", true, JetspeedPortalAccessController.checkPermission( turbineUser, new PortalResource( userPortletEntry, userParam), JetspeedSecurity.PERMISSION_CUSTOMIZE));
180         
181 /*
182         RegistryEntry adminEntry = createRegistryEntry( ADMIN_PORTLET, "ST_01.admin");
183         RegistryEntry userEntry = createRegistryEntry( USER_PORTLET, "ST_01.user");
184         RegistryEntry allEntry = createRegistryEntry( ALL_PORTLET, "ST_01.all");
185         
186         assertEquals( "Admin user has view access to " + ADMIN_PORTLET, true, JetspeedPortalAccessController.checkPermission( adminUser, adminEntry, "view"));
187         assertEquals( "Turbine user DOES NOT have view access to " + ADMIN_PORTLET, false, JetspeedPortalAccessController.checkPermission( turbineUser, adminEntry, "view"));
188         assertEquals( "Anonymous user DOES NOT have view access to " + ADMIN_PORTLET, false, JetspeedPortalAccessController.checkPermission( anonymousUser, adminEntry, "view"));
189         assertEquals( "null user DOES NOT have view access to " + ADMIN_PORTLET, false, JetspeedPortalAccessController.checkPermission( (JetspeedUser) null, adminEntry, "view"));
190         
191         assertEquals( "Admin user has view access to " + USER_PORTLET, true, JetspeedPortalAccessController.checkPermission( adminUser, userEntry, "view"));
192         assertEquals( "Turbine user has view access to " + USER_PORTLET, true, JetspeedPortalAccessController.checkPermission( turbineUser, userEntry, "view"));
193         assertEquals( "Anonymous user DOES NOT have view access to " + USER_PORTLET, false, JetspeedPortalAccessController.checkPermission( anonymousUser, userEntry, "view"));
194         assertEquals( "null user DOES NOT have view access to " + USER_PORTLET, false, JetspeedPortalAccessController.checkPermission( (JetspeedUser) null, userEntry, "view"));
195         
196         assertEquals( "Admin user has view access to " + ALL_PORTLET, true, JetspeedPortalAccessController.checkPermission( adminUser, allEntry, "view"));
197         assertEquals( "Turbine user has view access to " + ALL_PORTLET, true, JetspeedPortalAccessController.checkPermission( turbineUser, allEntry, "view"));
198         assertEquals( "Anonymous user has view access to " + ALL_PORTLET, true, JetspeedPortalAccessController.checkPermission( anonymousUser, allEntry, "view"));
199         assertEquals( "null user has view access to " + ALL_PORTLET, true, JetspeedPortalAccessController.checkPermission( (JetspeedUser) null, allEntry, "view"));
200 */
201     }
202     /*
203      * Setup Turbine environment
204      */
205     
206     /*
207      * Configuration object to run Turbine outside a servlet container
208      * ( uses turbine.properties )
209      */
210     private static TurbineConfig config = null;
211     
212     /*
213      * Sets up TurbineConfig using the system property:
214      * <pre>turbine.properties</pre>
215      */
216     static
217     {
218         try
219         {
220             config = new TurbineConfig( "webapp", "/WEB-INF/conf/TurbineResources.properties");
221             config.init();
222         }
223         catch (Exception JavaDoc e)
224         {
225             fail(StringUtils.stackTrace(e));
226         }
227     }
228     
229     private PsmlEntry createEntry(java.lang.String JavaDoc parent, java.lang.String JavaDoc id)
230     {
231         PsmlEntry entry = new PsmlEntry();
232         entry.setParent( parent);
233         if (id != null)
234             entry.setId( id);
235         return entry;
236     }
237 }
238
Popular Tags