package org.apache.archiva.redback.tests;
/*
* Copyright 2001-2006 The Apache Software Foundation.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
import junit.framework.TestCase;
import net.sf.ehcache.CacheManager;
import org.apache.archiva.redback.rbac.Operation;
import org.apache.archiva.redback.rbac.Permission;
import org.apache.archiva.redback.rbac.RBACManager;
import org.apache.archiva.redback.rbac.RbacManagerException;
import org.apache.archiva.redback.rbac.RbacPermanentException;
import org.apache.archiva.redback.rbac.Resource;
import org.apache.archiva.redback.rbac.Role;
import org.apache.archiva.redback.rbac.UserAssignment;
import org.apache.archiva.redback.tests.utils.RBACDefaults;
import org.assertj.core.api.Assertions;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Set;
import static org.assertj.core.api.Assertions.assertThat;
/**
* AbstractRbacManagerTestCase
*
* @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
*/
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(locations = { "classpath*:/META-INF/spring-context.xml", "classpath*:/spring-context.xml" })
public abstract class AbstractRbacManagerTestCase
extends TestCase
{
// RBAC store under test; assigned through setRbacManager().
private RBACManager rbacManager;
// Listener registered on the manager by setRbacManager(); the tests read the name collections it records.
protected RbacManagerEventTracker eventTracker;
// Built around the manager by setRbacManager(); several tests call createDefaults() on it.
private RBACDefaults rbacDefaults;
// Logger named after the concrete (runtime) test class.
protected Logger log = LoggerFactory.getLogger( getClass() );
/**
 * Installs the RBAC manager that the tests in this class exercise.
 * <p>
 * For a non-null manager a fresh {@link RbacManagerEventTracker} is created and registered
 * as a listener. An {@link RBACDefaults} helper is always rebuilt around the given manager,
 * including when it is {@code null}.
 *
 * @param store the manager implementation under test
 */
public void setRbacManager( RBACManager store )
{
    rbacManager = store;

    if ( store != null )
    {
        RbacManagerEventTracker tracker = new RbacManagerEventTracker();
        eventTracker = tracker;
        store.addListener( tracker );
    }

    rbacDefaults = new RBACDefaults( store );
}
/**
 * @return the manager previously passed to {@link #setRbacManager(RBACManager)}, or {@code null} if none was set
 */
public RBACManager getRbacManager()
{
    return rbacManager;
}
/**
 * Delegates to {@code TestCase.setUp()}; no fixture work is done here.
 * NOTE(review): the class runs under SpringJUnit4ClassRunner and this method carries no
 * JUnit 4 lifecycle annotation, so it is presumably never invoked by the runner - confirm.
 */
public void setUp()
throws Exception
{
super.setUp();
}
/**
 * Delegates to {@code TestCase.tearDown()}; nothing is cleaned up here, each test that needs
 * a clean store calls {@code eraseDatabase()} itself.
 */
public void tearDown()
throws Exception
{
super.tearDown();
}
/**
 * Builds the "ADMIN" role fixture: marked non-assignable and carrying the "EDIT_ANY_USER"
 * permission (operation "EDIT", resource "User:*"). This method does not call
 * {@code saveRole}; callers do that themselves.
 */
private Role getAdminRole()
    throws RbacManagerException
{
    Role admin = rbacManager.createRole( "ADMIN" );
    admin.setAssignable( false );

    Permission editAnyUser = rbacManager.createPermission( "EDIT_ANY_USER", "EDIT", "User:*" );
    admin.addPermission( editAnyUser );

    return admin;
}
/**
 * Builds the assignable "DEVELOPER" role fixture carrying the "EDIT_MY_USER" permission
 * (operation "EDIT", resource "User:Self"). The role is not saved here.
 */
private Role getDeveloperRole()
    throws RbacManagerException
{
    Role developer = rbacManager.createRole( "DEVELOPER" );
    developer.setAssignable( true );

    Permission editMyUser = rbacManager.createPermission( "EDIT_MY_USER", "EDIT", "User:Self" );
    developer.addPermission( editMyUser );

    return developer;
}
/**
 * Builds the assignable "PROJECT_ADMIN" role fixture carrying the "EDIT_PROJECT" permission
 * (operation "EDIT", resource "Project:Foo"). The role is not saved here.
 */
private Role getProjectAdminRole()
    throws RbacManagerException
{
    Role projectAdmin = rbacManager.createRole( "PROJECT_ADMIN" );
    projectAdmin.setAssignable( true );

    Permission editProject = rbacManager.createPermission( "EDIT_PROJECT", "EDIT", "Project:Foo" );
    projectAdmin.addPermission( editProject );

    return projectAdmin;
}
/**
 * Builds the assignable "SUPER_DEVELOPER" role fixture. No permission is attached and the
 * role is not saved here.
 */
private Role getSuperDeveloperRole()
{
    Role superDeveloper = rbacManager.createRole( "SUPER_DEVELOPER" );
    superDeveloper.setAssignable( true );
    return superDeveloper;
}
/**
 * Hook implemented by each concrete test class. It is invoked by
 * assertEventTracker(...) whenever that method is called with its eventCount flag set.
 */
public abstract void assertEventCount();
/**
 * Verifies what the event tracker has recorded so far.
 *
 * @param addedRoleNameCount     expected size of {@code eventTracker.addedRoleNames}
 * @param removedRoleNameCount   expected size of {@code eventTracker.removedRoleNames}
 * @param addedPermissionNames   expected size of {@code eventTracker.addedPermissionNames}
 * @param removedPermissionNames expected size of {@code eventTracker.removedPermissionNames}
 * @param freshness              when true, additionally require {@code lastDbFreshness} to be true
 * @param eventCount             when true, run the subclass hook {@link #assertEventCount()} first
 */
private void assertEventTracker( int addedRoleNameCount, int removedRoleNameCount, int addedPermissionNames,
                                 int removedPermissionNames, boolean freshness, boolean eventCount )
{
    assertNotNull( eventTracker );

    if ( eventCount )
    {
        assertEventCount();
    }

    // Role bookkeeping first, then permission bookkeeping.
    assertEquals( addedRoleNameCount, eventTracker.addedRoleNames.size() );
    assertEquals( removedRoleNameCount, eventTracker.removedRoleNames.size() );
    assertEquals( addedPermissionNames, eventTracker.addedPermissionNames.size() );
    assertEquals( removedPermissionNames, eventTracker.removedPermissionNames.size() );

    if ( !freshness )
    {
        return;
    }

    assertTrue( eventTracker.lastDbFreshness.booleanValue() );
}
/**
 * Saves the ADMIN role fixture and removes it again, checking the role count after each step.
 * Unlike most tests here, the store is not erased first and neither the freshness flag nor
 * the subclass event count is checked.
 */
@Test
public void testStoreInitialization()
    throws Exception
{
    assertNotNull( rbacManager );

    Role candidate = getAdminRole();
    assertNotNull( candidate );

    Role persisted = rbacManager.saveRole( candidate );
    assertEquals( 1, rbacManager.getAllRoles().size() );
    assertNotNull( persisted );

    rbacManager.removeRole( persisted );
    assertEquals( 0, rbacManager.getAllRoles().size() );

    // One role added, one role removed, one permission added, none removed.
    assertEventTracker( 1, 1, 1, 0, false, false );
}
/**
 * Saves two resources ("foo" and "bar"), removes the first and checks the resource count
 * after each change. No role or permission events are expected.
 */
@Test
public void testResources()
    throws Exception
{
    assertNotNull( rbacManager );
    rbacManager.eraseDatabase();
    eventTracker.rbacInit( true );

    Resource foo = rbacManager.createResource( "foo" );
    Resource bar = rbacManager.createResource( "bar" );
    assertNotNull( foo );

    Resource savedFoo = rbacManager.saveResource( foo );
    assertNotNull( savedFoo );

    Resource savedBar = rbacManager.saveResource( bar );
    assertNotNull( savedBar );

    assertEquals( 2, rbacManager.getAllResources().size() );

    rbacManager.removeResource( savedFoo );
    assertEquals( 1, rbacManager.getAllResources().size() );

    // Resource changes must not show up as role or permission events.
    assertEventTracker( 0, 0, 0, 0, true, true );
}
/**
 * Checks that a permission created with {@code createPermission} only becomes visible in
 * {@code getAllPermissions()} after the role it was added to has been saved.
 */
@Test
public void testAddGetPermission()
    throws RbacManagerException
{
    assertNotNull( rbacManager );
    rbacManager.eraseDatabase();
    eventTracker.rbacInit( true );

    Role savedAdmin = rbacManager.saveRole( getAdminRole() );
    rbacManager.saveRole( getDeveloperRole() );

    assertEquals( 2, rbacManager.getAllRoles().size() );
    assertEquals( 2, rbacManager.getAllPermissions().size() );

    Permission createUser = rbacManager.createPermission( "CREATE_USER", "CREATE", "User" );

    // Created but not yet saved: the permission count is unchanged.
    assertEquals( 2, rbacManager.getAllPermissions().size() );

    savedAdmin.addPermission( createUser );
    rbacManager.saveRole( savedAdmin );

    // Saving the owning role makes the new permission visible.
    assertEquals( 3, rbacManager.getAllPermissions().size() );

    Permission lookedUp = rbacManager.getPermission( "CREATE_USER" );
    assertNotNull( lookedUp );

    // Two roles and three permissions added, nothing removed.
    assertEventTracker( 2, 0, 3, 0, true, true );
}
/**
 * Saves the ADMIN and DEVELOPER fixtures and checks that looking them up by name returns
 * matching roles.
 */
@Test
public void testAddGetRole()
    throws RbacManagerException
{
    assertNotNull( rbacManager );
    rbacManager.eraseDatabase();
    eventTracker.rbacInit( true );

    Role savedAdmin = rbacManager.saveRole( getAdminRole() );
    Role savedDeveloper = rbacManager.saveRole( getDeveloperRole() );

    assertEquals( 2, rbacManager.getAllRoles().size() );

    Role fetchedAdmin = rbacManager.getRole( savedAdmin.getName() );
    Role fetchedDeveloper = rbacManager.getRole( savedDeveloper.getName() );

    // The admin role is compared field by field, the developer role via equals().
    assertEquals( savedAdmin.getName(), fetchedAdmin.getName() );
    assertEquals( savedAdmin.getChildRoleNames(), fetchedAdmin.getChildRoleNames() );
    assertEquals( savedDeveloper, fetchedDeveloper );

    // Two roles and two permissions added, nothing removed.
    assertEventTracker( 2, 0, 2, 0, true, true );
}
/**
 * Checks that a role with no permissions at all can be saved and fetched back, and that
 * doing so creates no permission.
 */
@Test
public void testAllowRoleWithoutPermissions()
    throws RbacManagerException
{
    assertNotNull( rbacManager );
    rbacManager.eraseDatabase();
    eventTracker.rbacInit( true );

    String rolename = "Test Role";

    Role saved = rbacManager.saveRole( rbacManager.createRole( rolename ) );
    assertNotNull( saved );

    assertEquals( 1, rbacManager.getAllRoles().size() );
    assertEquals( 0, rbacManager.getAllPermissions().size() );

    Role fetched = rbacManager.getRole( rolename );

    assertEquals( saved.getName(), fetched.getName() );
    assertEquals( saved.getChildRoleNames(), fetched.getChildRoleNames() );

    // Reading the role back must not have changed the counts.
    assertEquals( 1, rbacManager.getAllRoles().size() );
    assertEquals( 0, rbacManager.getAllPermissions().size() );

    // One role added, no permission events.
    assertEventTracker( 1, 0, 0, 0, true, true );
}
/**
 * Tells whether the manager implementation under test supports child roles.
 * testAddGetChildRole() returns early without asserting anything when this is false.
 * The original note here says LDAP does not support child roles, so an LDAP-backed
 * subclass would presumably override this - confirm against the subclasses.
 *
 * @return {@code true} in this base class
 */
protected boolean supportChildRole()
{
return true;
}
/**
 * Adds the PROJECT_ADMIN fixture as a child of the saved DEVELOPER role through
 * {@code addChildRole} and checks that three roles exist afterwards. The test returns
 * early when {@link #supportChildRole()} is false.
 */
@Test
public void testAddGetChildRole()
    throws RbacManagerException
{
    if ( !supportChildRole() )
    {
        log.info( "child role feature not supported by the RBACManager impl: {}",
                  rbacManager.getClass().getName() );
        return;
    }

    assertNotNull( rbacManager );
    rbacManager.eraseDatabase();
    eventTracker.rbacInit( true );

    Role savedAdmin = rbacManager.saveRole( getAdminRole() );
    Role savedDeveloper = rbacManager.saveRole( getDeveloperRole() );

    assertEquals( 2, rbacManager.getAllRoles().size() );

    Role fetchedAdmin = rbacManager.getRole( savedAdmin.getName() );
    Role fetchedDeveloper = rbacManager.getRole( savedDeveloper.getName() );

    assertEquals( savedAdmin.getName(), fetchedAdmin.getName() );
    assertEquals( savedAdmin.getChildRoleNames(), fetchedAdmin.getChildRoleNames() );
    assertEquals( savedDeveloper, fetchedDeveloper );

    // Attach the child role, then save the parent.
    rbacManager.addChildRole( savedDeveloper, getProjectAdminRole() );
    rbacManager.saveRole( savedDeveloper );

    assertEquals( 3, rbacManager.getAllRoles().size() );

    // Three roles and three permissions added, nothing removed.
    assertEventTracker( 3, 0, 3, 0, true, true );
}
/**
 * Same scenario as the child-role test, but the child is saved on its own first and then
 * linked to the DEVELOPER role by name through {@code addChildRoleName}.
 * NOTE(review): unlike testAddGetChildRole() this test does not consult supportChildRole() -
 * confirm that is intended.
 */
@Test
public void testAddGetChildRoleViaName()
    throws RbacManagerException
{
    rbacManager.eraseDatabase();
    eventTracker.rbacInit( true );
    assertNotNull( rbacManager );

    Role savedAdmin = rbacManager.saveRole( getAdminRole() );
    Role savedDeveloper = rbacManager.saveRole( getDeveloperRole() );

    assertEquals( 2, rbacManager.getAllRoles().size() );

    Role fetchedAdmin = rbacManager.getRole( savedAdmin.getName() );
    Role fetchedDeveloper = rbacManager.getRole( savedDeveloper.getName() );

    assertEquals( savedAdmin.getName(), fetchedAdmin.getName() );
    assertEquals( savedAdmin.getChildRoleNames(), fetchedAdmin.getChildRoleNames() );
    assertEquals( savedDeveloper, fetchedDeveloper );

    // Save the child first, then reference it from the parent by name only.
    Role projectAdmin = getProjectAdminRole();
    String childName = projectAdmin.getName();
    rbacManager.saveRole( projectAdmin );

    savedDeveloper.addChildRoleName( childName );
    rbacManager.saveRole( savedDeveloper );

    assertEquals( 3, rbacManager.getAllRoles().size() );

    // Three roles and three permissions added, nothing removed.
    assertEventTracker( 3, 0, 3, 0, true, true );
}
/**
 * Assigns the saved ADMIN role to principal "admin" and checks that both the assignment and
 * the role can be read back.
 */
@Test
public void testUserAssignmentAddRole()
    throws RbacManagerException
{
    rbacManager.eraseDatabase();
    eventTracker.rbacInit( true );

    Role savedAdmin = rbacManager.saveRole( getAdminRole() );
    assertEquals( 1, rbacManager.getAllRoles().size() );

    String adminPrincipal = "admin";

    UserAssignment newAssignment = rbacManager.createUserAssignment( adminPrincipal );
    newAssignment.addRoleName( savedAdmin );
    rbacManager.saveUserAssignment( newAssignment );

    // Saving an assignment must not create or remove roles.
    assertEquals( 1, rbacManager.getAllUserAssignments().size() );
    assertEquals( 1, rbacManager.getAllRoles().size() );

    UserAssignment stored = rbacManager.getUserAssignment( adminPrincipal );
    assertNotNull( stored );

    Role lookedUp = rbacManager.getRole( "ADMIN" );
    assertNotNull( lookedUp );

    // One role and one permission added, nothing removed.
    assertEventTracker( 1, 0, 1, 0, true, true );
}
/**
 * Assigns an ADMIN role that names DEVELOPER as a child role and checks that the user ends
 * up with exactly one role name and one assigned role, i.e. the child role is not counted
 * as a separate assignment.
 */
@Test
public void testUserAssignmentWithChildRoles()
    throws RbacManagerException
{
    rbacManager.eraseDatabase();

    Role savedDeveloper = rbacManager.saveRole( getDeveloperRole() );

    Role admin = getAdminRole();
    admin.addChildRoleName( savedDeveloper.getName() );
    admin = rbacManager.saveRole( admin );

    // Principal is deliberately not "admin": an LDAP group needs at least one member.
    String adminPrincipal = "theadmin";

    UserAssignment userAssignment = rbacManager.createUserAssignment( adminPrincipal );
    userAssignment.addRoleName( admin );
    userAssignment = rbacManager.saveUserAssignment( userAssignment );

    assertEquals( 1, userAssignment.getRoleNames().size() );
    assertEquals( 1, rbacManager.getAssignedRoles( adminPrincipal ).size() );
}
/**
 * Assigns the ADMIN role (no child roles) to principal "admin" and checks that exactly one
 * permission is resolved for that principal.
 */
@Test
public void testGetAssignedPermissionsNoChildRoles()
    throws RbacManagerException
{
    rbacManager.eraseDatabase();
    eventTracker.rbacInit( true );

    Role savedAdmin = rbacManager.saveRole( getAdminRole() );
    assertEquals( 1, rbacManager.getAllRoles().size() );

    String adminPrincipal = "admin";

    UserAssignment userAssignment = rbacManager.createUserAssignment( adminPrincipal );
    userAssignment.addRoleName( savedAdmin );
    rbacManager.saveUserAssignment( userAssignment );

    assertEquals( 1, rbacManager.getAllUserAssignments().size() );

    // The ADMIN fixture carries a single permission, so exactly one must come back.
    Set<Permission> granted = rbacManager.getAssignedPermissions( adminPrincipal );
    assertThat( granted ).isNotNull().isNotEmpty().hasSize( 1 );

    // One role and one permission added, nothing removed.
    assertEventTracker( 1, 0, 1, 0, true, true );
}
/**
 * Saves two permissions that both point at the manager's global resource and checks that
 * each adds one permission and one operation while the resource count stays at one.
 */
@Test
public void testGlobalResource()
    throws RbacManagerException
{
    rbacManager.eraseDatabase();
    eventTracker.rbacInit( true );

    Permission editConfiguration = rbacManager.createPermission( "Edit Configuration" );
    Operation editOperation = rbacManager.createOperation( "edit-configuration" );
    editConfiguration.setOperation( editOperation );
    Resource globalForEdit = rbacManager.getGlobalResource();
    editConfiguration.setResource( globalForEdit );
    rbacManager.savePermission( editConfiguration );

    assertEquals( 1, rbacManager.getAllPermissions().size() );
    assertEquals( 1, rbacManager.getAllOperations().size() );
    assertEquals( 1, rbacManager.getAllResources().size() );

    Permission deleteConfiguration = rbacManager.createPermission( "Delete Configuration" );
    Operation deleteOperation = rbacManager.createOperation( "delete-configuration" );
    deleteConfiguration.setOperation( deleteOperation );
    Resource globalForDelete = rbacManager.getGlobalResource();
    deleteConfiguration.setResource( globalForDelete );
    rbacManager.savePermission( deleteConfiguration );

    // A second permission on the global resource must not create a second resource.
    assertEquals( 2, rbacManager.getAllPermissions().size() );
    assertEquals( 2, rbacManager.getAllOperations().size() );
    assertEquals( 1, rbacManager.getAllResources().size() );

    // No role events, two permissions added.
    assertEventTracker( 0, 0, 2, 0, true, true );
}
/**
 * Saves two permissions on {@code Resource.GLOBAL} using the three-argument
 * {@code createPermission} form and checks the recorded permission events.
 */
@Test
public void testGlobalResourceOneLiner()
    throws RbacManagerException
{
    rbacManager.eraseDatabase();
    eventTracker.rbacInit( true );

    Permission editConfiguration =
        rbacManager.createPermission( "Edit Configuration", "edit-configuration", Resource.GLOBAL );
    rbacManager.savePermission( editConfiguration );

    Permission deleteConfiguration =
        rbacManager.createPermission( "Delete Configuration", "delete-configuration", Resource.GLOBAL );
    rbacManager.savePermission( deleteConfiguration );

    // No role events, two permissions added.
    assertEventTracker( 0, 0, 2, 0, true, true );
}
/**
 * Walks one user assignment ("bob") through adding a second role and then removing both
 * roles again, checking after every save that the assignment's role names, the manager's
 * total role count and getUnassignedRoles() agree. Removing a role from the assignment must
 * never remove the role itself from the manager.
 */
@Test
public void testUserAssignmentAddRemoveSecondRole()
throws RbacManagerException
{
RBACManager manager = rbacManager;
rbacManager.eraseDatabase();
eventTracker.rbacInit( true );
Role developerRole = getDeveloperRole();
manager.saveRole( developerRole );
// Setup User / Assignment with 1 role.
String username = "bob";
UserAssignment assignment = manager.createUserAssignment( username );
assignment.addRoleName( developerRole );
manager.saveUserAssignment( assignment );
// incAssignements() lets subclasses adjust the expected assignment count.
assertEquals( incAssignements( 1 ), manager.getAllUserAssignments().size() );
assertEquals( 1, manager.getAllRoles().size() );
// Create another role add it to manager.
Role projectAdmin = getProjectAdminRole();
String projectAdminRoleName = projectAdmin.getName();
manager.saveRole( projectAdmin );
// Get User Assignment, add a second role
UserAssignment bob = manager.getUserAssignment( username );
bob.addRoleName( projectAdminRoleName );
bob = manager.saveUserAssignment( bob );
assertEquals( incAssignements( 1 ), manager.getAllUserAssignments().size() );
assertEquals( 2, manager.getAllRoles().size() );
assertEquals( 2, bob.getRoleNames().size() );
// Both existing roles are assigned to bob, so nothing is left to assign.
assertEquals( 0, manager.getUnassignedRoles( bob.getPrincipal() ).size() );
// NOTE(review): whether this list is a live view of bob's role names or a copy is not
// visible here; the test writes it back with setRoleNames() either way.
List<String> roles = bob.getRoleNames();
assertEquals( 2, roles.size() );
// Remove 1 role from bob, end up with 1 role for bob.
roles.remove( projectAdminRoleName );
assertEquals( 1, roles.size() );
bob.setRoleNames( roles );
bob = manager.saveUserAssignment( bob );
assertEquals( "Should only have 1 role under bob now.", 1, bob.getRoleNames().size() );
assertEquals( "Should have 2 total roles still.", 2, manager.getAllRoles().size() );
assertEquals( "Should have 1 assignable role", 1, manager.getUnassignedRoles( bob.getPrincipal() ).size() );
// Fetch bob again. see if role is missing.
UserAssignment cousin = manager.getUserAssignment( username );
// The next two assertions check the same value; the second only adds a failure message.
assertEquals( 1, cousin.getRoleNames().size() );
assertEquals( "Should only have 1 role under bob now.", 1, cousin.getRoleNames().size() );
assertEquals( "Should have 2 total roles still.", 2, manager.getAllRoles().size() );
// remove the last role
roles.remove( developerRole.getName() );
bob.setRoleNames( roles );
bob = manager.saveUserAssignment( bob );
assertEquals( "Should have 2 assignable roles.", 2, manager.getUnassignedRoles( bob.getPrincipal() ).size() );
/* Two roles and two permissions added; unassigning roles records no role removal. */
assertEventTracker( 2, 0, 2, 0, true, true );
}
/**
 * Adds the same role to one user assignment twice and checks that the assignment still
 * lists it only once.
 */
@Test
public void testUserAssignmentMultipleRoles()
    throws RbacManagerException
{
    rbacManager.eraseDatabase();
    eventTracker.rbacInit( true );

    Role developer = getDeveloperRole();
    rbacManager.saveRole( developer );

    // Start with a user holding a single role.
    String username = "bob";
    UserAssignment bobAssignment = rbacManager.createUserAssignment( username );
    bobAssignment.addRoleName( developer );
    bobAssignment = rbacManager.saveUserAssignment( bobAssignment );

    assertEquals( incAssignements( 1 ), rbacManager.getAllUserAssignments().size() );
    assertEquals( 1, rbacManager.getAllRoles().size() );

    // Add the same role a second time, this time by name.
    bobAssignment.addRoleName( developer.getName() );
    rbacManager.saveUserAssignment( bobAssignment );

    // The duplicate must not produce a second entry.
    assertEquals( 1, bobAssignment.getRoleNames().size() );

    // One role and one permission added, nothing removed.
    assertEventTracker( 1, 0, 1, 0, true, true );
}
/**
 * Assigns only the DEVELOPER role to a user while SUPER_DEVELOPER (which lists DEVELOPER as
 * a child) also exists. Checks that one role is assigned, one is left to assign, and that
 * adding DEVELOPER a second time does not duplicate it.
 */
@Test
public void testUserAssignmentMultipleRolesWithChildRoles()
    throws RbacManagerException
{
    rbacManager.eraseDatabase();
    eventTracker.rbacInit( true );

    Role developer = getDeveloperRole();
    Role superDeveloper = getSuperDeveloperRole();
    superDeveloper.setChildRoleNames( Collections.singletonList( developer.getName() ) );
    rbacManager.saveRole( developer );
    rbacManager.saveRole( superDeveloper );

    // Start with a user holding only the child role.
    String username = "bob";
    UserAssignment bobAssignment = rbacManager.createUserAssignment( username );
    bobAssignment.addRoleName( developer );
    bobAssignment = rbacManager.saveUserAssignment( bobAssignment );

    assertEquals( incAssignements( 1 ), rbacManager.getAllUserAssignments().size() );
    assertEquals( "should be only one role assigned", 1,
                  rbacManager.getAssignedRoles( bobAssignment.getPrincipal() ).size() );
    assertEquals( "should be one role left to assign", 1,
                  rbacManager.getUnassignedRoles( bobAssignment.getPrincipal() ).size() );
    assertEquals( 2, rbacManager.getAllRoles().size() );

    // Add the same role a second time, this time by name.
    bobAssignment.addRoleName( developer.getName() );
    rbacManager.saveUserAssignment( bobAssignment );

    // The duplicate must not produce a second entry.
    assertEquals( 1, bobAssignment.getRoleNames().size() );

    // Two roles and one permission added, nothing removed.
    assertEventTracker( 2, 0, 1, 0, true, true );
}
/**
 * Assigns three saved roles to user "bob" by name and checks that
 * {@code getAssignedRoles} returns all three. Subclasses can hook in through
 * {@link #afterSetup()} before the final lookup.
 */
@Test
public void testGetAssignedRoles()
    throws RbacManagerException
{
    rbacManager.eraseDatabase();

    // Three roles exist in the store.
    Role savedAdmin = rbacManager.saveRole( getAdminRole() );
    Role savedProjectAdmin = rbacManager.saveRole( getProjectAdminRole() );
    Role savedDeveloper = rbacManager.saveRole( getDeveloperRole() );

    assertEquals( 3, rbacManager.getAllRoles().size() );

    // One user holding all three of them.
    String username = "bob";
    UserAssignment bobAssignment = rbacManager.createUserAssignment( username );
    bobAssignment.addRoleName( savedDeveloper.getName() );
    bobAssignment.addRoleName( savedProjectAdmin.getName() );
    bobAssignment.addRoleName( savedAdmin.getName() );
    bobAssignment = rbacManager.saveUserAssignment( bobAssignment );

    assertThat( bobAssignment.getRoleNames() ).isNotNull().isNotEmpty().hasSize( 3 );
    assertThat( rbacManager.getAllUserAssignments() ).isNotNull().isNotEmpty().hasSize( incAssignements( 1 ) );
    assertThat( rbacManager.getAllRoles() ).isNotNull().isNotEmpty().hasSize( 3 );

    afterSetup();

    // All three roles must be reported as assigned to bob.
    Collection<Role> rolesOfBob = rbacManager.getAssignedRoles( username );
    assertThat( rolesOfBob ).isNotNull().isNotEmpty().hasSize( 3 );
}
/**
 * Adjusts the number of user assignments a test expects from getAllUserAssignments().
 * That call can return more entries for LDAP, because creating a group there requires
 * at least one user in the group. This base implementation applies no adjustment.
 *
 * @param size the number of assignments the test created itself
 * @return the number of assignments to expect; here {@code size} unchanged
 */
protected int incAssignements( int size )
{
return size;
}
/**
 * With three roles (and three permissions) in the store, assigns only the DEVELOPER role to
 * user "bob" and checks that exactly one permission is resolved for him, i.e. permissions of
 * roles he does not hold are not granted.
 */
@Test
public void testGetAssignedPermissions()
    throws RbacManagerException
{
    rbacManager.eraseDatabase();

    // Three roles, one permission each.
    rbacManager.saveRole( getAdminRole() );
    rbacManager.saveRole( getProjectAdminRole() );
    Role savedDeveloper = rbacManager.saveRole( getDeveloperRole() );
    String developerRoleName = savedDeveloper.getName();

    assertThat( rbacManager.getAllRoles() ).isNotNull().isNotEmpty().hasSize( 3 );
    assertThat( rbacManager.getAllPermissions() ).isNotNull().isNotEmpty().hasSize( 3 );

    // One user holding only the developer role.
    String username = "bob";
    UserAssignment bobAssignment = rbacManager.createUserAssignment( username );
    bobAssignment.addRoleName( developerRoleName );
    rbacManager.saveUserAssignment( bobAssignment );

    assertThat( rbacManager.getAllUserAssignments() ).isNotNull().isNotEmpty().hasSize( incAssignements( 1 ) );
    assertThat( rbacManager.getAllRoles() ).isNotNull().isNotEmpty().hasSize( 3 );
    assertThat( rbacManager.getAllPermissions() ).isNotNull().isNotEmpty().hasSize( 3 );

    // Only the permission of the assigned role may be returned.
    Collection<Permission> granted = rbacManager.getAssignedPermissions( username );
    assertThat( granted ).isNotNull().isNotEmpty().hasSize( 1 );
}
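/**
 * Asserts that {@code role} has the expected number of child roles, resolves the first child
 * by name through the manager and asserts that its name matches.
 * <p>
 * The {@code childRoleCount} argument is now honoured; previously the size was always
 * compared against a hard-coded 1, which every caller in this class passes anyway.
 *
 * @param manager               manager used to look the child role up by name
 * @param role                  parent role, expected to report child roles
 * @param expectedChildRoleName expected name of the first child role
 * @param childRoleCount        expected number of child role names on {@code role}
 * @return the first child role as returned by the manager
 * @throws RbacManagerException if the manager lookup fails
 */
public Role getChildRole( RBACManager manager, Role role, String expectedChildRoleName, int childRoleCount )
    throws RbacManagerException
{
    assertTrue( role.hasChildRoles() );

    List<String> childNames = role.getChildRoleNames();
    assertNotNull( childNames );
    assertEquals( childRoleCount, childNames.size() );

    // Only the first child is followed; the list is already typed, so no cast is needed.
    String childName = childNames.get( 0 );
    assertNotNull( childName );

    Role childRole = manager.getRole( childName );
    assertNotNull( childRole );
    assertEquals( expectedChildRoleName, childRole.getName() );

    return childRole;
}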
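/**
 * Checks that a role flagged as permanent cannot be removed, neither by name nor by object.
 * <p>
 * Each removal attempt is followed by {@code fail(...)}. Without it the test would also pass
 * if the manager deleted the permanent role without complaint, since the catch blocks are
 * the only place the expected outcome is expressed.
 */
@Test
public void testAddRemovePermanentRole()
    throws RbacManagerException
{
    assertNotNull( rbacManager );
    rbacManager.eraseDatabase();
    eventTracker.rbacInit( true );

    Role adminRole = getAdminRole();
    adminRole.setPermanent( true );
    adminRole = rbacManager.saveRole( adminRole );
    Role develRole = rbacManager.saveRole( getDeveloperRole() );

    assertEquals( 2, rbacManager.getAllRoles().size() );

    Role actualAdmin = rbacManager.getRole( adminRole.getName() );
    Role actualDevel = rbacManager.getRole( develRole.getName() );

    assertEquals( adminRole.getName(), actualAdmin.getName() );
    assertEquals( adminRole.getChildRoleNames(), actualAdmin.getChildRoleNames() );
    assertEquals( develRole, actualDevel );

    // Attempt to remove the permanent role, first by name.
    try
    {
        rbacManager.removeRole( adminRole.getName() );
        fail( "Removing a permanent role by name should throw RbacPermanentException" );
    }
    catch ( RbacPermanentException expected )
    {
        // expected path.
    }

    // Then by role object.
    try
    {
        rbacManager.removeRole( adminRole );
        fail( "Removing a permanent role by object should throw RbacPermanentException" );
    }
    catch ( RbacPermanentException expected )
    {
        // expected path.
    }

    // Two roles and two permissions added; no removal may have been recorded.
    assertEventTracker( 2, 0, 2, 0, true, true );
}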
/**
 * Loads the defaults from {@code RBACDefaults}, assigns "Developer" to user "bob" and walks
 * the child-role chain Developer, Trusted Developer, System Administrator,
 * User Administrator.
 */
@Test
public void testGetRolesDeep()
    throws RbacManagerException
{
    rbacManager.eraseDatabase();
    rbacDefaults.createDefaults();

    // One user holding only the top-level role.
    String username = "bob";
    UserAssignment bobAssignment = rbacManager.createUserAssignment( username );
    bobAssignment.addRoleName( "Developer" );
    rbacManager.saveUserAssignment( bobAssignment );

    assertEquals( incAssignements( 1 ), rbacManager.getAllUserAssignments().size() );
    assertEquals( 4, rbacManager.getAllRoles().size() );
    assertEquals( 6, rbacManager.getAllPermissions().size() );

    Role developer = rbacManager.getRole( "Developer" );
    assertNotNull( developer );

    // Each level is expected to have exactly one child.
    Role trustedDeveloper = getChildRole( rbacManager, developer, "Trusted Developer", 1 );
    Role systemAdministrator = getChildRole( rbacManager, trustedDeveloper, "System Administrator", 1 );
    getChildRole( rbacManager, systemAdministrator, "User Administrator", 1 );
}
/**
 * Loads the defaults from {@code RBACDefaults}, assigns only "Developer" to user "bob" and
 * checks that six permissions are resolved for him, which equals the total number of
 * permissions asserted to exist in the store. Caches are cleared first and subclasses can
 * hook in through {@link #afterSetup()}.
 */
@Test
public void testGetAssignedPermissionsDeep()
    throws RbacManagerException
{
    this.clearCache();
    assertNotNull( rbacManager );
    rbacManager.eraseDatabase();
    rbacDefaults.createDefaults();

    // One user holding only the top-level role.
    String username = "bob";
    UserAssignment bobAssignment = rbacManager.createUserAssignment( username );
    bobAssignment.addRoleName( "Developer" );
    rbacManager.saveUserAssignment( bobAssignment );

    assertEquals( incAssignements( 1 ), rbacManager.getAllUserAssignments().size() );

    List<Permission> allPermissions = rbacManager.getAllPermissions();
    Assertions.assertThat( allPermissions ).isNotNull().isNotEmpty().hasSize( 6 );

    List<Role> allRoles = rbacManager.getAllRoles();
    Assertions.assertThat( allRoles ).isNotNull().isNotEmpty().hasSize( 4 );

    afterSetup();

    // Permissions resolved for bob through his single assigned role.
    Collection<Permission> granted = rbacManager.getAssignedPermissions( username );
    assertNotNull( granted );
    assertEquals( 6, granted.size() );
}
/**
 * Loads the defaults from {@code RBACDefaults} into an erased store and checks the resulting
 * number of permissions, operations and roles.
 */
@Test
public void testLargeApplicationInit()
    throws RbacManagerException
{
    assertNotNull( rbacManager );
    rbacManager.eraseDatabase();
    rbacDefaults.createDefaults();

    int permissionCount = rbacManager.getAllPermissions().size();
    assertEquals( 6, permissionCount );

    int operationCount = rbacManager.getAllOperations().size();
    assertEquals( 11, operationCount );

    int roleCount = rbacManager.getAllRoles().size();
    assertEquals( 4, roleCount );
}
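/**
 * Checks that a permission flagged as permanent cannot be removed, neither by name nor by
 * object.
 * <p>
 * Each removal attempt is followed by {@code fail(...)}. Without it the test would also pass
 * if the manager deleted the permanent permission without complaint, since the catch blocks
 * are the only place the expected outcome is expressed.
 */
@Test
public void testAddRemovePermanentPermission()
    throws RbacManagerException
{
    assertNotNull( rbacManager );
    rbacManager.eraseDatabase();
    eventTracker.rbacInit( true );

    Role adminRole = rbacManager.saveRole( getAdminRole() );
    rbacManager.saveRole( getDeveloperRole() );

    assertEquals( 2, rbacManager.getAllRoles().size() );
    assertEquals( 2, rbacManager.getAllPermissions().size() );

    Permission createUserPerm = rbacManager.createPermission( "CREATE_USER", "CREATE", "User" );
    createUserPerm.setPermanent( true );

    // perm shouldn't exist in manager (yet)
    assertEquals( 2, rbacManager.getAllPermissions().size() );

    adminRole.addPermission( createUserPerm );
    rbacManager.saveRole( adminRole );

    // perm should exist in manager now.
    assertEquals( 3, rbacManager.getAllPermissions().size() );
    Permission fetched = rbacManager.getPermission( "CREATE_USER" );
    assertNotNull( fetched );

    // Attempt to remove the permanent permission, first by name.
    try
    {
        rbacManager.removePermission( "CREATE_USER" );
        fail( "Removing a permanent permission by name should throw RbacPermanentException" );
    }
    catch ( RbacPermanentException expected )
    {
        // expected path.
    }

    // Then by permission object.
    try
    {
        rbacManager.removePermission( fetched );
        fail( "Removing a permanent permission by object should throw RbacPermanentException" );
    }
    catch ( RbacPermanentException expected )
    {
        // expected path.
    }

    // Two roles and three permissions added; no removal may have been recorded.
    assertEventTracker( 2, 0, 3, 0, true, true );
}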
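/**
 * Checks that an operation flagged as permanent cannot be removed, neither by name nor by
 * object.
 * <p>
 * Each removal attempt is followed by {@code fail(...)}. Without it the test would also pass
 * if the manager deleted the permanent operation without complaint, since the catch blocks
 * are the only place the expected outcome is expressed.
 */
@Test
public void testAddRemovePermanentOperation()
    throws RbacManagerException
{
    rbacManager.eraseDatabase();
    eventTracker.rbacInit( true );
    assertNotNull( rbacManager );

    Role adminRole = rbacManager.saveRole( getAdminRole() );
    rbacManager.saveRole( getDeveloperRole() );

    assertEquals( 2, rbacManager.getAllRoles().size() );
    assertEquals( 2, rbacManager.getAllPermissions().size() );

    Permission createUserPerm = rbacManager.createPermission( "CREATE_USER", "CREATE", "User" );
    // The permanent flag goes on the permission's operation, not on the permission itself.
    createUserPerm.getOperation().setPermanent( true );

    // perm shouldn't exist in manager (yet)
    assertEquals( 2, rbacManager.getAllPermissions().size() );
    assertEquals( 1, rbacManager.getAllOperations().size() );

    adminRole.addPermission( createUserPerm );
    rbacManager.saveRole( adminRole );

    // The new operation should exist in the manager now.
    assertEquals( 2, rbacManager.getAllOperations().size() );
    Operation fetched = rbacManager.getOperation( "CREATE" );
    assertNotNull( fetched );

    // Attempt to remove the permanent operation, first by name.
    try
    {
        rbacManager.removeOperation( "CREATE" );
        fail( "Removing a permanent operation by name should throw RbacPermanentException" );
    }
    catch ( RbacPermanentException expected )
    {
        // expected path.
    }

    // Then by operation object.
    try
    {
        rbacManager.removeOperation( fetched );
        fail( "Removing a permanent operation by object should throw RbacPermanentException" );
    }
    catch ( RbacPermanentException expected )
    {
        // expected path.
    }

    // Two roles and three permissions added; no removal may have been recorded.
    assertEventTracker( 2, 0, 3, 0, true, true );
}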
/**
 * Smoke test: calls initialize() on the manager and passes as long as no exception is thrown.
 * Nothing about the resulting state is asserted.
 */
@Test
public void testInitialize()
throws Exception
{
rbacManager.initialize();
}
/**
 * Allows subclasses to hook code in after a test case has finished its setup.
 * In this class it is called by testGetAssignedRoles() and testGetAssignedPermissionsDeep()
 * right before the final lookup. The base implementation is empty.
 */
protected void afterSetup()
{
// do nothing
}
/**
 * Empties every cache known to the singleton Ehcache {@code CacheManager}, so that entries
 * cached earlier cannot influence the test that follows.
 */
protected void clearCache()
{
    CacheManager cacheManager = CacheManager.getInstance();

    for ( String cacheName : cacheManager.getCacheNames() )
    {
        cacheManager.getCache( cacheName ).removeAll();
    }
}
}