1 package org.apache.turbine.services.security;
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 import junit.framework.Test;
20 import junit.framework.TestSuite;
21
22 import org.apache.turbine.om.security.Permission;
23 import org.apache.turbine.om.security.Role;
24 import org.apache.turbine.test.BaseTurbineHsqlTest;
25 import org.apache.turbine.util.security.DataBackendException;
26 import org.apache.turbine.util.security.EntityExistsException;
27 import org.apache.turbine.util.security.PermissionSet;
28 import org.apache.turbine.util.security.UnknownEntityException;
29
30 public class TestSecurityPermission
31 extends BaseTurbineHsqlTest
32 {
33 public TestSecurityPermission(String name)
34 throws Exception
35 {
36 super(name, "conf/test/TurbineResources.properties");
37 }
38
39 public static Test suite()
40 {
41 return new TestSuite(TestSecurityPermission.class);
42 }
43
44 public void testInit()
45 {
46 SecurityService ss = TurbineSecurity.getService();
47 assertTrue("Service failed to initialize", ss.getInit());
48 }
49
50 public void testPermissionByName()
51 throws Exception
52 {
53 SecurityService ss = TurbineSecurity.getService();
54
55 Permission permission = ss.getPermissionByName("Login");
56 assertNotNull(permission);
57 assertEquals(permission.getName(), "Login");
58 }
59
60 public void testPermissionById()
61 throws Exception
62 {
63 SecurityService ss = TurbineSecurity.getService();
64
65 Permission permission = ss.getPermissionById(2);
66 assertNotNull(permission);
67 assertEquals(permission.getName(), "Application");
68 }
69
70 public void testAllPermissions()
71 throws Exception
72 {
73 SecurityService ss = TurbineSecurity.getService();
74
75 PermissionSet gs = ss.getAllPermissions();
76
77 assertEquals(3, gs.size());
78 }
79
80 public void testAddPermission()
81 throws Exception
82 {
83 SecurityService ss = TurbineSecurity.getService();
84
85 Permission newbie = ss.getPermissionInstance();
86 newbie.setName("newbie");
87
88 ss.addPermission(newbie);
89
90 assertEquals("Permission was not added", 4, ss.getAllPermissions().size());
91
92 try
93 {
94 Permission application = ss.getPermissionByName("Application");
95
96 ss.addPermission(application);
97 fail("Existing Permission could be added!");
98 }
99 catch (Exception e)
100 {
101 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), EntityExistsException.class, e.getClass());
102 }
103
104 try
105 {
106 Permission empty = ss.getPermissionInstance();
107
108 ss.addPermission(empty);
109 fail("Permission with empty Permissionname could be added!");
110 }
111 catch (Exception e)
112 {
113 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), DataBackendException.class, e.getClass());
114 }
115
116 assertEquals("Permission was not added", 4, ss.getAllPermissions().size());
117 }
118
119 public void testRemovePermission()
120 throws Exception
121 {
122 SecurityService ss = TurbineSecurity.getService();
123
124 assertEquals("Permission was not added", 4, ss.getAllPermissions().size());
125
126 Permission newbie = ss.getPermissionByName("newbie");
127 assertNotNull(newbie);
128
129 ss.removePermission(newbie);
130
131 try
132 {
133 Permission foo = ss.getPermissionInstance();
134 foo.setName("foo");
135
136 ss.removePermission(foo);
137 fail("Non Existing Permission could be deleted!");
138 }
139 catch (Exception e)
140 {
141 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), e.getClass(), UnknownEntityException.class);
142 }
143
144 assertEquals("Permission was not removed", 3, ss.getAllPermissions().size());
145 }
146
147 public void testGrantPermission()
148 throws Exception
149 {
150 SecurityService ss = TurbineSecurity.getService();
151
152 Role admin = ss.getRoleByName("Admin");
153 assertNotNull(admin);
154
155 Permission app = ss.getPermissionByName("Application");
156 assertNotNull(app);
157
158 PermissionSet ps = admin.getPermissions();
159 assertFalse(ps.contains(app));
160
161 ss.grant(admin, app);
162
163 Role admin2 = ss.getRoleByName("Admin");
164 assertNotNull(admin2);
165
166 PermissionSet ps2 = admin2.getPermissions();
167 assertTrue(ps2.contains(app));
168
169
170 assertFalse(ps.contains(app));
171
172 try
173 {
174 ss.grant(admin2, app);
175 fail("Permission could be granted twice!");
176 }
177 catch (Exception e)
178 {
179
180
181
182
183 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), DataBackendException.class, e.getClass());
184 }
185
186 try
187 {
188 Permission unknown = ss.getPermissionInstance("unknown");
189
190 ss.grant(admin, unknown);
191 fail("Nonexisting Permission could be granted!");
192 }
193 catch (Exception e)
194 {
195 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), UnknownEntityException.class, e.getClass());
196 }
197
198 }
199
200 public void testRevokePermission()
201 throws Exception
202 {
203 SecurityService ss = TurbineSecurity.getService();
204
205 Role admin = ss.getRoleByName("Admin");
206 assertNotNull(admin);
207
208 Permission app = ss.getPermissionByName("Application");
209 assertNotNull(app);
210
211 PermissionSet ps = admin.getPermissions();
212 assertTrue(ps.contains(app));
213
214 ss.revoke(admin, app);
215
216 Role admin2 = ss.getRoleByName("Admin");
217 assertNotNull(admin2);
218
219 PermissionSet ps2 = admin2.getPermissions();
220 assertFalse(ps2.contains(app));
221
222
223 assertTrue(ps.contains(app));
224
225 try
226 {
227 Permission unknown = ss.getPermissionInstance("unknown");
228 ss.revoke(admin, unknown);
229 fail("Nonexisting Permission could be revoked!");
230 }
231 catch (Exception e)
232 {
233 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), UnknownEntityException.class, e.getClass());
234 }
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262 }
263
264 public void testRevokeAll()
265 throws Exception
266 {
267 SecurityService ss = TurbineSecurity.getService();
268
269 Role user = ss.getRoleByName("User");
270 assertNotNull(user);
271
272 PermissionSet ps = user.getPermissions();
273 assertEquals(2, ps.size());
274
275 ss.revokeAll(user);
276
277 Role user2 = ss.getRoleByName("User");
278 assertNotNull(user2);
279
280 PermissionSet ps2 = user2.getPermissions();
281 assertEquals(0, ps2.size());
282 }
283
284 public void testSavePermission()
285 throws Exception
286 {
287 SecurityService ss = TurbineSecurity.getService();
288
289 Permission application = ss.getPermissionByName("Application");
290
291 ss.savePermission(application);
292
293 try
294 {
295 Permission fake = ss.getPermissionInstance("fake");
296
297 ss.savePermission(fake);
298 fail("Non Existing Permission could be saved!");
299 }
300 catch (Exception e)
301 {
302 assertEquals("Wrong Exception thrown: " + e.getClass().getName(), e.getClass(), UnknownEntityException.class);
303 }
304 }
305
306 public void testRenamePermission()
307 throws Exception
308 {
309 SecurityService ss = TurbineSecurity.getService();
310
311 Permission newbie = ss.getPermissionInstance("newbie");
312 ss.addPermission(newbie);
313
314 Permission test = ss.getPermissionByName("newbie");
315 assertNotNull(test);
316
317 ss.renamePermission(test, "fake");
318
319 Permission fake = ss.getPermissionByName("fake");
320 assertNotNull(fake);
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341 }
342 }