1 16 17 package org.apache.jetspeed.services.security.turbine; 18 19 20 import org.apache.jetspeed.test.JetspeedTestCase; 22 import org.apache.jetspeed.om.profile.Entry; 23 import org.apache.jetspeed.om.profile.psml.PsmlEntry; 24 import org.apache.jetspeed.om.security.JetspeedUser; 25 import org.apache.jetspeed.om.registry.base.BaseSecurity; 26 import org.apache.jetspeed.om.registry.base.BasePortletEntry; 27 import org.apache.jetspeed.om.registry.base.BaseParameter; 28 import org.apache.jetspeed.om.registry.Parameter; 29 import org.apache.jetspeed.om.registry.PortletEntry; 30 import org.apache.jetspeed.om.registry.Security; 31 32 import org.apache.jetspeed.services.JetspeedSecurity; 33 import org.apache.jetspeed.services.JetspeedPortalAccessController; 34 import org.apache.jetspeed.services.resources.JetspeedResources; 35 import org.apache.jetspeed.services.security.PortalResource; 36 37 import org.apache.turbine.util.TurbineConfig; 39 import org.apache.turbine.util.StringUtils; 40 41 import junit.awtui.TestRunner; 43 import junit.framework.Test; 44 import junit.framework.TestSuite; 45 46 52 public class TestAccessController extends JetspeedTestCase 53 { 54 private static String ADMIN_PORTLET = "GlobalAdminPortlet"; private static String ALL_PORTLET = "HelloVelocity"; private static String TEST_GROUP = "Jetspeed"; 57 private static String TEST_SECURITY_PAGE = "SecurityTest"; 58 private static String USER_PORTLET = "SkinBrowser"; 60 65 public TestAccessController( String name ) 66 { 67 super( name ); 68 } 69 70 75 public static void main(String args[]) 76 { 77 TestRunner.main( new String [] 78 { TestAccessController.class.getName() } ); 79 } 80 81 public void setup() 82 { 83 System.out.println("Setup: Testing categories of Profiler Service"); 84 } 85 91 public static Test suite() 92 { 93 return new TestSuite( TestAccessController.class ); 95 } 96 97 public void testVerifyEnvironment() throws Exception 98 { 99 assertEquals( "Using TurbineAccessController", 100 "org.apache.jetspeed.services.security.turbine.TurbineAccessController", 101 JetspeedResources.getString("services.PortalAccessController.classname")); 102 103 assertNotNull( "Getting admin user", JetspeedSecurity.getUser("admin")); 104 assertNotNull( "Getting turbine user", JetspeedSecurity.getUser("turbine")); 105 assertNotNull( "Getting anonymous user", JetspeedSecurity.getAnonymousUser()); 106 } 107 108 public void testRequiredActions() throws Exception 109 { 110 JetspeedUser adminUser = (JetspeedUser) JetspeedSecurity.getUser("admin"); 111 assertNotNull( "Getting admin user", adminUser); 112 adminUser.setHasLoggedIn(Boolean.TRUE); 113 114 JetspeedUser turbineUser = (JetspeedUser) JetspeedSecurity.getUser("turbine"); 115 assertNotNull( "Getting turbine user", turbineUser); 116 turbineUser.setHasLoggedIn(Boolean.TRUE); 117 118 JetspeedUser anonymousUser = (JetspeedUser) JetspeedSecurity.getAnonymousUser(); 119 assertNotNull( "Getting anonymous user", anonymousUser); 120 Entry adminEntry = createEntry( ADMIN_PORTLET, "ST_01.admin"); 121 Entry userEntry = createEntry(USER_PORTLET, "ST_01.user"); 122 Entry allEntry = createEntry(ALL_PORTLET, "ST_01.all"); 123 124 assertEquals( "Admin user has view access to " + ADMIN_PORTLET, true, JetspeedPortalAccessController.checkPermission( adminUser, adminEntry, "view")); 125 127 130 assertEquals( "Admin user has view access to " + USER_PORTLET, true, JetspeedPortalAccessController.checkPermission( adminUser, userEntry, "view")); 131 assertEquals( "Turbine user has view access to " + USER_PORTLET, true, JetspeedPortalAccessController.checkPermission( turbineUser, userEntry, "view")); 132 135 assertEquals( "Admin user has view access to " + ALL_PORTLET, true, JetspeedPortalAccessController.checkPermission( adminUser, allEntry, "view")); 136 assertEquals( "Turbine user has view access to " + ALL_PORTLET, true, JetspeedPortalAccessController.checkPermission( turbineUser, allEntry, "view")); 137 assertEquals( "Anonymous user has view access to " + ALL_PORTLET, true, JetspeedPortalAccessController.checkPermission( anonymousUser, allEntry, "view")); 138 assertEquals( "null user has view access to " + ALL_PORTLET, true, JetspeedPortalAccessController.checkPermission( (JetspeedUser) null, allEntry, "view")); 139 } 140 141 public void testRegistryActions() throws Exception 142 { 143 JetspeedUser adminUser = (JetspeedUser) JetspeedSecurity.getUser("admin"); 144 assertNotNull( "Getting admin user", adminUser); 145 adminUser.setHasLoggedIn(Boolean.TRUE); 146 147 JetspeedUser turbineUser = (JetspeedUser) JetspeedSecurity.getUser("turbine"); 148 assertNotNull( "Getting turbine user", turbineUser); 149 turbineUser.setHasLoggedIn(Boolean.TRUE); 150 151 JetspeedUser anonymousUser = (JetspeedUser) JetspeedSecurity.getAnonymousUser(); 152 assertNotNull( "Getting anonymous user", anonymousUser); 153 Security adminSecurity = new BaseSecurity("admin"); 155 assertNotNull( "Have admin security", adminSecurity); 156 Security userSecurity = new BaseSecurity("user"); 157 assertNotNull( "Have user security", userSecurity); 158 159 PortletEntry userPortletEntry = new BasePortletEntry(); 160 assertNotNull( "Have userPortletEntry", userPortletEntry); 161 userPortletEntry.setName( USER_PORTLET); 162 userPortletEntry.setSecurity( userSecurity); 163 Parameter adminParam = new BaseParameter(); 164 assertNotNull( "Have adminParameter", adminParam); 165 adminParam.setName("AdminParam"); 166 adminParam.setValue("adminValue"); 167 adminParam.setSecurity(adminSecurity); 168 userPortletEntry.addParameter(adminParam); 169 170 Parameter userParam = new BaseParameter(); 171 assertNotNull( "Have userParameter", userParam); 172 userParam.setName("UserParam"); 173 userParam.setValue("userValue"); 174 userParam.setSecurity(userSecurity); 175 userPortletEntry.addParameter(userParam); 176 assertEquals( "Admin user customize access to admin parameter", true, JetspeedPortalAccessController.checkPermission( adminUser, new PortalResource( userPortletEntry, adminParam), JetspeedSecurity.PERMISSION_CUSTOMIZE)); 177 assertEquals( "Turbine user customize access to admin parameter", false, JetspeedPortalAccessController.checkPermission( turbineUser, new PortalResource( userPortletEntry, adminParam), JetspeedSecurity.PERMISSION_CUSTOMIZE)); 178 assertEquals( "Admin user customize access to admin parameter", true, JetspeedPortalAccessController.checkPermission( adminUser, new PortalResource( userPortletEntry, userParam), JetspeedSecurity.PERMISSION_CUSTOMIZE)); 179 assertEquals( "Turbine user customize access to admin parameter", true, JetspeedPortalAccessController.checkPermission( turbineUser, new PortalResource( userPortletEntry, userParam), JetspeedSecurity.PERMISSION_CUSTOMIZE)); 180 181 201 } 202 205 206 210 private static TurbineConfig config = null; 211 212 216 static 217 { 218 try 219 { 220 config = new TurbineConfig( "webapp", "/WEB-INF/conf/TurbineResources.properties"); 221 config.init(); 222 } 223 catch (Exception e) 224 { 225 fail(StringUtils.stackTrace(e)); 226 } 227 } 228 229 private PsmlEntry createEntry(java.lang.String parent, java.lang.String id) 230 { 231 PsmlEntry entry = new PsmlEntry(); 232 entry.setParent( parent); 233 if (id != null) 234 entry.setId( id); 235 return entry; 236 } 237 } 238 | Popular Tags |