| /* |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * https://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, |
| * software distributed under the License is distributed on an |
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| * KIND, either express or implied. See the License for the |
| * specific language governing permissions and limitations |
| * under the License. |
| * |
| */ |
| package org.apache.directory.fortress.core.impl; |
| |
| |
| import java.util.ArrayList; |
| import java.util.HashSet; |
| import java.util.List; |
| import java.util.Map; |
| import java.util.Set; |
| |
| import junit.framework.Test; |
| import junit.framework.TestCase; |
| import junit.framework.TestSuite; |
| |
| import org.apache.directory.fortress.core.*; |
| import org.apache.directory.fortress.core.SecurityException; |
| import org.apache.directory.fortress.core.model.AdminRole; |
| import org.apache.directory.fortress.core.model.OrgUnit; |
| import org.apache.directory.fortress.core.model.PermObj; |
| import org.apache.directory.fortress.core.model.Permission; |
| import org.apache.directory.fortress.core.model.Role; |
| import org.apache.directory.fortress.core.model.Session; |
| import org.apache.directory.fortress.core.model.User; |
| import org.apache.directory.fortress.core.model.UserAdminRole; |
| import org.apache.directory.fortress.core.util.Config; |
| import org.apache.directory.fortress.core.util.EncryptUtil; |
| import org.slf4j.Logger; |
| import org.slf4j.LoggerFactory; |
| |
| import org.apache.directory.fortress.core.util.LogUtil; |
| |
| |
| /** |
| * DelegatedMgrImpl Tester. |
| * |
| * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a> |
| */ |
| public class DelegatedMgrImplTest extends TestCase |
| { |
| private static final String CLS_NM = DelegatedMgrImplTest.class.getName(); |
| private static final Logger LOG = LoggerFactory.getLogger( CLS_NM ); |
| |
| |
| public DelegatedMgrImplTest( String name ) |
| { |
| super( name ); |
| } |
| |
| private static Session adminSess = null; |
| |
| |
| public void setUp() throws Exception |
| { |
| super.setUp(); |
| } |
| |
| |
| public void tearDown() throws Exception |
| { |
| super.tearDown(); |
| } |
| |
| |
| public static Test suitex() |
| { |
| TestSuite suite = new TestSuite(); |
| suite.addTest( new DelegatedMgrImplTest( "testRevokePermissionRole" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testDeassignAdminUser" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testDeleteUser" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testDeletePermission" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testDeleteRole" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testDeleteOrgInheritance" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testDeleteOrgUnit" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testDeleteAdminUser" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testAddAdminUser" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testAddOrgUnit" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testUpdateOrgUnit" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testAddOrgInheritance" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testReadOrgUnit" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testSearchOrgUnits" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testAddRole" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testAddUser" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testAddPermission" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testAssignAdminUser" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testGrantPermissionRole" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testCheckAccess" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testCanAssignUser" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testCanDeassignUser" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testCanGrantPerm" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testCanRevokePerm" ) ); |
| |
| return suite; |
| } |
| |
| public static Test suite() |
| { |
| TestSuite suite = new TestSuite(); |
| suite.addTest( new DelegatedMgrImplTest( "testCanAssignUser" ) ); |
| |
| return suite; |
| } |
| |
| public void testAddAdminUser() |
| { |
| // These fortress delegated admin policies are needed for junit test but may have been created by an ant script so won't need to be created here: |
| if(loadAdminRequired( "LOAD-ADMIN AROLES_SUPER", AdminRoleTestData.AROLES_SUPER )) |
| { |
| addOrgUnit( "ADD ORG_PRM_APP0", OrgUnitTestData.ORGS_PRM_APP0[0] ); |
| addOrgUnit( "ADD ORG_USR_DEV0", OrgUnitTestData.ORGS_USR_DEV0[0] ); |
| |
| addAdminRoles( "ADD-ARLS SUPER", AdminRoleTestData.AROLES_SUPER, false ); |
| AdminMgrImplTest.addPermObjs( "ADD-OBS PSWDMGR_OBJ", PermTestData.PSWDMGR_OBJ, false, false ); |
| AdminMgrImplTest.addPermObjs( "ADD-OBS ADMINMGR_OBJ", PermTestData.ADMINMGR_OBJ, false, false ); |
| AdminMgrImplTest.addPermObjs( "ADD-OBS DELEGATEDMGR_OBJ", PermTestData.DELEGATEDMGR_OBJ, false, false ); |
| AdminMgrImplTest.addPermObjs( "ADD-OBS DELEGATEDREVIEWMGR_OBJ", PermTestData.DELEGATEDREVIEWMGR_OBJ, false, |
| false ); |
| AdminMgrImplTest.addPermObjs( "ADD-OBS REVIEWMGR_OBJ", PermTestData.REVIEWMGR_OBJ, false, false ); |
| AdminMgrImplTest.addPermObjs( "ADD-OBS GROUPMGR_OBJ", PermTestData.GROUPMGR_OBJ, false, false ); |
| |
| AdminMgrImplTest.addPermOps( "ADD-OPS GROUPMGR_OBJ GROUPMGR_OPS", PermTestData.GROUPMGR_OBJ, |
| PermTestData.GROUPMGR_OPS, false, false ); |
| AdminMgrImplTest.addRoleGrants( "GRNT-APRMS SUPER GRPMGR_OBJ GRPMGR_OPS", |
| AdminRoleTestData.AROLES_SUPER, PermTestData.GROUPMGR_OBJ, PermTestData.GROUPMGR_OPS, false, false ); |
| |
| AdminMgrImplTest.addPermOps( "ADD-OPS PSWDMGR_OBJ PSWDMGR_OPS", PermTestData.PSWDMGR_OBJ, |
| PermTestData.PSWDMGR_OPS, false, false ); |
| AdminMgrImplTest.addPermOps( "ADD-OPS ADMINMGR_OBJ ADMINMGR_OPS", PermTestData.ADMINMGR_OBJ, |
| PermTestData.ADMINMGR_OPS, false, false ); |
| AdminMgrImplTest.addPermOps( "ADD-OPS DELEGATEDMGR_OBJ DELEGATEDMGR_OPS", PermTestData.DELEGATEDMGR_OBJ, |
| PermTestData.DELEGATEDMGR_OPS, false, false ); |
| AdminMgrImplTest.addPermOps( "ADD-OPS DELEGATEDREVIEWMGR_OBJ DELEGATEDREVIEWMGR_OPS", |
| PermTestData.DELEGATEDREVIEWMGR_OBJ, PermTestData.DELEGATEDREVIEWMGR_OPS, false, false ); |
| AdminMgrImplTest.addPermOps( "ADD-OPS REVIEWMGR_OBJ REVIEWMGR_OPS", PermTestData.REVIEWMGR_OBJ, |
| PermTestData.REVIEWMGR_OPS, false, false ); |
| AdminMgrImplTest.addRoleGrants( "GRNT-APRMS SUPER PSWDMGR_OBJ PSWDMGR_OPS", AdminRoleTestData.AROLES_SUPER, |
| PermTestData.PSWDMGR_OBJ, PermTestData.PSWDMGR_OPS, false, false ); |
| AdminMgrImplTest.addRoleGrants( "GRNT-APRMS SUPER ADMINMGR_OBJ ADMINMGR_OPS", AdminRoleTestData.AROLES_SUPER, |
| PermTestData.ADMINMGR_OBJ, PermTestData.ADMINMGR_OPS, false, false ); |
| AdminMgrImplTest.addRoleGrants( "GRNT-APRMS SUPER DELEGATEDMGR_OBJ DELEGATEDMGR_OPS", |
| AdminRoleTestData.AROLES_SUPER, PermTestData.DELEGATEDMGR_OBJ, PermTestData.DELEGATEDMGR_OPS, false, false ); |
| AdminMgrImplTest.addRoleGrants( "GRNT-APRMS SUPER DELEGATEDREVIEWMGR_OBJ DELEGATEDREVIEWMGR_OPS", |
| AdminRoleTestData.AROLES_SUPER, PermTestData.DELEGATEDREVIEWMGR_OBJ, PermTestData.DELEGATEDREVIEWMGR_OPS, |
| false, false ); |
| AdminMgrImplTest.addRoleGrants( "GRNT-APRMS SUPER REVIEWMGR_OBJ REVIEWMGR_OPS", AdminRoleTestData.AROLES_SUPER, |
| PermTestData.REVIEWMGR_OBJ, PermTestData.REVIEWMGR_OPS, false, false ); |
| AdminMgrImplTest.addPermObjs( "ADD-OBS AUDITMGR_OBJ", PermTestData.AUDITMGR_OBJ, false, true ); |
| AdminMgrImplTest.addPermOps( "ADD-OPS AUDITMGR_OBJ AUDITMGR_OPS", PermTestData.AUDITMGR_OBJ, |
| PermTestData.AUDITMGR_OPS, false, true ); |
| AdminMgrImplTest.addRoleGrants( "GRNT-APRMS SUPER AUDITMGR_OBJ AUDITMGR_OPS", AdminRoleTestData.AROLES_SUPER, |
| PermTestData.AUDITMGR_OBJ, PermTestData.AUDITMGR_OPS, false, true ); |
| } |
| |
| PswdPolicyMgrImplTest.add( "ADD " + TestUtils.getDataLabel( PolicyTestData.class, "POLICIES_BASE" ), PolicyTestData.POLICIES_BASE, true ); |
| AdminMgrImplTest.addUsers( "ADD-USRS TU0", UserTestData.USERS_TU0, false ); |
| assignAdminUsers( "ASGN-USRS TU0 SUPER", UserTestData.USERS_TU0, AdminRoleTestData.AROLES_SUPER, false ); |
| } |
| |
| private static boolean loadAdminRequired( String msg, String[][] rArray ) |
| { |
| // default return is 'true': |
| boolean loadAdmin = true; |
| String methodName = ".loadAdminRequired"; |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelReviewMgr dReviewMgr = getDelegatedReviewMgr(); |
| for ( String[] rle : rArray ) |
| { |
| AdminRole entity = dReviewMgr.readRole( new AdminRole( RoleTestData.getName( rle ) ) ); |
| if(entity == null) |
| { |
| break; |
| } |
| //AdminRoleTestData.assertEquals( entity, rle ); |
| } |
| // if we get to here it means that admin role has already been loaded |
| loadAdmin = false; |
| } |
| catch ( SecurityException ex ) |
| { |
| // This is the expected when teardown is not required: |
| if ( ex.getErrorId() == GlobalErrIds.ROLE_NOT_FOUND ) |
| { |
| // did not find so need to load admin roles |
| } |
| else |
| { |
| // Something unexpected occurred here, Report as warning to the logger: |
| String warning = methodName + " caught SecurityException=" + ex.getMessage(); |
| LOG.warn( warning ); |
| // TODO: Determine if it would be better to throw a SecurityException here. |
| } |
| } |
| LOG.info( methodName + ":" + loadAdmin ); |
| return loadAdmin; |
| } |
| |
| |
| public void testDeleteAdminUser() |
| { |
| deassignAdminUsers( "DEASGN-USRS TU0 SUPER", UserTestData.USERS_TU0, AdminRoleTestData.AROLES_SUPER, false ); |
| AdminMgrImplTest.deleteUsers( "DEL-USRS TU0", UserTestData.USERS_TU0, true, false ); |
| AdminMgrImplTest.delRoleGrants( "REVK-APRMS SUPER AUDITMGR_OBJ AUDITMGR_OPS", AdminRoleTestData.AROLES_SUPER, |
| PermTestData.AUDITMGR_OBJ, PermTestData.AUDITMGR_OPS, false ); |
| AdminMgrImplTest.delRoleGrants( "REVK-APRMS SUPER REVIEWMGR_OBJ REVIEWMGR_OPS", AdminRoleTestData.AROLES_SUPER, |
| PermTestData.REVIEWMGR_OBJ, PermTestData.REVIEWMGR_OPS, false ); |
| AdminMgrImplTest.delRoleGrants( "REVK-APRMS SUPER PSWDMGR_OBJ PSWDMGR_OPS", AdminRoleTestData.AROLES_SUPER, |
| PermTestData.PSWDMGR_OBJ, PermTestData.PSWDMGR_OPS, false ); |
| AdminMgrImplTest.delRoleGrants( "REVK-APRMS SUPER ADMINMGR_OBJ ADMINMGR_OPS", AdminRoleTestData.AROLES_SUPER, |
| PermTestData.ADMINMGR_OBJ, PermTestData.ADMINMGR_OPS, false ); |
| AdminMgrImplTest.delRoleGrants( "REVK-APRMS SUPER DELEGATEDREVIEWMGR_OBJ DELEGATEDREVIEWMGR_OPS", |
| AdminRoleTestData.AROLES_SUPER, PermTestData.DELEGATEDREVIEWMGR_OBJ, PermTestData.DELEGATEDREVIEWMGR_OPS, |
| false ); |
| AdminMgrImplTest.delRoleGrants( "REVK-APRMS SUPER DELEGATEDMGR_OBJ DELEGATEDMGR_OPS", |
| AdminRoleTestData.AROLES_SUPER, PermTestData.DELEGATEDMGR_OBJ, PermTestData.DELEGATEDMGR_OPS, false ); |
| AdminMgrImplTest.delPermOps( "DEL-OPS AUDITMGR_OBJ AUDITMGR_OPS ", PermTestData.AUDITMGR_OBJ, |
| PermTestData.AUDITMGR_OPS, false, false ); |
| AdminMgrImplTest.delPermOps( "DEL-OPS REVIEWMGR_OBJ REVIEWMGR_OPS ", PermTestData.REVIEWMGR_OBJ, |
| PermTestData.REVIEWMGR_OPS, false, false ); |
| AdminMgrImplTest.delPermOps( "DEL-OPS PSWDMGR_OBJ PSWDMGR_OPS", PermTestData.PSWDMGR_OBJ, |
| PermTestData.PSWDMGR_OPS, false, false ); |
| AdminMgrImplTest.delPermOps( "DEL-OPS ADMINMGR_OBJ ADMINMGR_OPS ", PermTestData.ADMINMGR_OBJ, |
| PermTestData.ADMINMGR_OPS, false, false ); |
| AdminMgrImplTest.delPermOps( "DEL-OPS DELEGATEDREVIEWMGR_OBJ DELEGATEDREVIEWMGR_OPS ", |
| PermTestData.DELEGATEDREVIEWMGR_OBJ, PermTestData.DELEGATEDREVIEWMGR_OPS, false, false ); |
| AdminMgrImplTest.delPermOps( "DEL-OPS DELEGATEDMGR_OBJ DELEGATEDMGR_OPS ", PermTestData.DELEGATEDMGR_OBJ, |
| PermTestData.DELEGATEDMGR_OPS, false, false ); |
| AdminMgrImplTest.delPermObjs( "DEL-OBJS AUDITMGR_OBJ", PermTestData.AUDITMGR_OBJ, false ); |
| AdminMgrImplTest.delPermObjs( "DEL-OBJS REVIEWMGR_OBJ", PermTestData.REVIEWMGR_OBJ, false ); |
| AdminMgrImplTest.delPermObjs( "DEL-OBJS PSWDMGR_OBJ", PermTestData.PSWDMGR_OBJ, false ); |
| AdminMgrImplTest.delPermObjs( "DEL-OBJS ADMINMGR_OBJ", PermTestData.ADMINMGR_OBJ, false ); |
| AdminMgrImplTest.delPermObjs( "DEL-OBJS DELEGATEDREVIEWMGR_OBJ", PermTestData.DELEGATEDREVIEWMGR_OBJ, false ); |
| AdminMgrImplTest.delPermObjs( "DEL-OBJS DELEGATEDMGR_OBJ", PermTestData.DELEGATEDMGR_OBJ, false ); |
| deleteAdminRoles( "DEL-ARLS SUPER", AdminRoleTestData.AROLES_SUPER, false ); |
| deleteOrgUnit( "DEL ORG_USR_DEV0", OrgUnitTestData.ORGS_USR_DEV0[0] ); |
| deleteOrgUnit( "DEL ORG_PRM_APP0", OrgUnitTestData.ORGS_PRM_APP0[0] ); |
| } |
| |
| |
| public void testAssignAdminUser() |
| { |
| // public void assignUser(User user, Role role) |
| assignAdminUsers( "ASGN-USRS TU16 TR1", UserTestData.USERS_TU16_ARBAC, AdminRoleTestData.AROLES_TR1, true ); |
| assignAdminUserRole( "ASGN-USR TU17A TR2", UserTestData.USERS_TU17A_ARBAC, AdminRoleTestData.AROLES_TR2, true ); |
| } |
| |
| |
| /** |
| * |
| * @param msg |
| * @param uArray |
| * @param rArray |
| */ |
| public static void assignAdminUsers( String msg, String[][] uArray, String[][] rArray, boolean isAdmin ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelAdminMgr dAdminMgr; |
| DelReviewMgr dReviewMgr; |
| if ( isAdmin ) |
| { |
| dAdminMgr = getManagedDelegatedMgr(); |
| dReviewMgr = getManagedDelegatedReviewMgr(); |
| } |
| else |
| { |
| dAdminMgr = DelAdminMgrFactory.createInstance( TestUtils.getContext() ); |
| dReviewMgr = DelReviewMgrFactory.createInstance( TestUtils.getContext() ); |
| } |
| |
| int i = 0; |
| for ( String[] usr : uArray ) |
| { |
| i++; |
| for ( String[] rle : rArray ) |
| { |
| UserAdminRole uAdminRole = new UserAdminRole( UserTestData.getUserId( usr ), AdminRoleTestData |
| .getRole( rle ).getName() ); |
| dAdminMgr.assignUser( uAdminRole ); |
| LOG.debug( "assignAdminUsers user [" + uAdminRole.getUserId() + "] role [" |
| + uAdminRole.getName() + "] successful" ); |
| // Let's double check the number of users not associated with role: |
| // This one retrieves the collection of all "roleOccupant" attributes associated with the role node: |
| List<User> users = dReviewMgr.assignedUsers( AdminRoleTestData.getRole( rle ) ); |
| assertNotNull( users ); |
| assertTrue( CLS_NM + "assignAdminUsers list size check", i == users.size() ); |
| } |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( |
| "assignAdminUsers caught SecurityException rc=" + ex.getErrorId() + ", msg=" |
| + ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public void testDeassignAdminUser() |
| { |
| // public void deassignUser(User user, Role role) |
| deassignAdminUsers( "DEASGN-USRS TU16 TR1", UserTestData.USERS_TU16_ARBAC, AdminRoleTestData.AROLES_TR1, true ); |
| deassignAdminUserRole( "DEASGN-USR TU17A TR2", UserTestData.USERS_TU17A_ARBAC, AdminRoleTestData.AROLES_TR2, |
| true ); |
| } |
| |
| |
| /** |
| * @param msg |
| * @param uArray |
| * @param rArray |
| */ |
| void deassignAdminUsers( String msg, String[][] uArray, String[][] rArray, boolean isAdmin ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelAdminMgr dAdminMgr; |
| DelReviewMgr dReviewMgr; |
| if ( isAdmin ) |
| { |
| dAdminMgr = getManagedDelegatedMgr(); |
| dReviewMgr = getManagedDelegatedReviewMgr(); |
| } |
| else |
| { |
| dAdminMgr = DelAdminMgrFactory.createInstance( TestUtils.getContext() ); |
| dReviewMgr = DelReviewMgrFactory.createInstance( TestUtils.getContext() ); |
| } |
| int i = 0; |
| for ( String[] usr : uArray ) |
| { |
| i++; |
| for ( String[] rle : rArray ) |
| { |
| UserAdminRole uAdminRole = new UserAdminRole( UserTestData.getUserId( usr ), AdminRoleTestData |
| .getRole( rle ).getName() ); |
| AdminRoleTestData.getRole( rle ); |
| dAdminMgr.deassignUser( uAdminRole ); |
| LOG.debug( "deassignAdminUsers user [" + uAdminRole.getUserId() + "] role [" |
| + uAdminRole.getName() + "] successful" ); |
| // Let's double check the number of users associated with role: |
| List<User> users = dReviewMgr.assignedUsers( AdminRoleTestData.getRole( rle ) ); |
| assertNotNull( users ); |
| |
| // If this is the last user deassigned from role, both lists will be returned empty: |
| if ( i == uArray.length ) |
| { |
| assertTrue( users.size() == 0 ); |
| } |
| else |
| { |
| assertTrue( CLS_NM + "deassignAdminUsers list size check", |
| ( rArray.length - i ) == users.size() ); |
| } |
| } |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( |
| "deassignAdminUsers caught SecurityException rc=" + ex.getErrorId() + ", msg=" |
| + ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public static void assignAdminUserRole( String msg, String[][] uArray, String[][] rArray, boolean isAdmin ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelAdminMgr dAdminMgr; |
| if ( isAdmin ) |
| { |
| dAdminMgr = getManagedDelegatedMgr(); |
| } |
| else |
| { |
| dAdminMgr = DelAdminMgrFactory.createInstance( TestUtils.getContext() ); |
| } |
| int i = 0; |
| for ( String[] usr : uArray ) |
| { |
| UserAdminRole uAdminRole = new UserAdminRole( UserTestData.getUserId( usr ), AdminRoleTestData.getRole( |
| rArray[i] ).getName() ); |
| dAdminMgr.assignUser( uAdminRole ); |
| i++; |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( |
| "assignAdminUsers caught SecurityException rc=" + ex.getErrorId() + ", msg=" |
| + ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| void deassignAdminUserRole( String msg, String[][] uArray, String[][] rArray, boolean isAdmin ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelAdminMgr dAdminMgr; |
| if ( isAdmin ) |
| { |
| dAdminMgr = getManagedDelegatedMgr(); |
| } |
| else |
| { |
| dAdminMgr = DelAdminMgrFactory.createInstance( TestUtils.getContext() ); |
| } |
| int i = 0; |
| for ( String[] usr : uArray ) |
| { |
| UserAdminRole uAdminRole = new UserAdminRole( UserTestData.getUserId( usr ), AdminRoleTestData.getRole( |
| rArray[i] ).getName() ); |
| dAdminMgr.deassignUser( uAdminRole ); |
| i++; |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( |
| "deassignAdminUserRole caught SecurityException rc=" + ex.getErrorId() + ", msg=" |
| + ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public void testAddUser() |
| { |
| // public User addUser(User user) |
| // the admin user must be added before the "addUsers" can be called: |
| //AdminMgrImplTest.addAdminUser("ADD-USRS TU0", UserTestData.USERS_TU0[0]); |
| AdminMgrImplTest.addUsers( "ADD-USRS TU16_ARBAC", UserTestData.USERS_TU16_ARBAC, true ); |
| AdminMgrImplTest.addUsers( "ADD-USRS TU16B_ARBAC", UserTestData.USERS_TU16B_ARBAC, true ); |
| AdminMgrImplTest.addUsers( "ADD-USRS TU16A_ARBAC", UserTestData.USERS_TU17A_ARBAC, true ); |
| AdminMgrImplTest.addUsers( "ADD-USRS TU16U_ARBAC", UserTestData.USERS_TU17U_ARBAC, true ); |
| |
| } |
| |
| |
| public void testDeleteUser() |
| { |
| // public void disableUser(User user) |
| AdminMgrImplTest.deleteUsers( "DEL-USRS TU16B_ARBAC", UserTestData.USERS_TU16B_ARBAC, true, true ); |
| AdminMgrImplTest.deleteUsers( "DEL-USRS TU16_ARBAC", UserTestData.USERS_TU16_ARBAC, true, true ); |
| AdminMgrImplTest.deleteUsers( "DEL-USRS TU16A_ARBAC", UserTestData.USERS_TU17A_ARBAC, true, true ); |
| AdminMgrImplTest.deleteUsers( "DEL-USRS TU16U_ARBAC", UserTestData.USERS_TU17U_ARBAC, true, true ); |
| } |
| |
| |
| public void testAddPermission() |
| { |
| // public Permission addPermObj(Permission pOp) |
| AdminMgrImplTest.addPermObjs( "ADD-OBS TOB5", PermTestData.OBJS_TOB5, true, false ); |
| AdminMgrImplTest.addPermObjs( "ADD-OBS ARBAC1", PermTestData.ARBAC_OBJS_1, true, false ); |
| AdminMgrImplTest |
| .addPermOps( "ADD-OPS ARBAC1", PermTestData.ARBAC_OBJS_1, PermTestData.ARBAC_OPS_1, true, false ); |
| AdminMgrImplTest.addPermObjs( "ADD-OBS ARBAC2", PermTestData.ARBAC_OBJ2, true, false ); |
| AdminMgrImplTest.addPermOps( "ADD-OPS ARBAC2", PermTestData.ARBAC_OBJ2, PermTestData.ARBAC_OPS_2, true, false ); |
| } |
| |
| |
| public void testDeletePermission() |
| { |
| // public void deletePermission(Permission pOp) |
| AdminMgrImplTest.delPermObjs( "DEL-OBJS TOB5", PermTestData.OBJS_TOB5, true ); |
| AdminMgrImplTest |
| .delPermOps( "DEL-OPS ARBAC1", PermTestData.ARBAC_OBJS_1, PermTestData.ARBAC_OPS_1, true, false ); |
| AdminMgrImplTest.delPermObjs( "DEL-OBJS ARBAC1", PermTestData.ARBAC_OBJS_1, true ); |
| AdminMgrImplTest.delPermOps( "DEL-OPS ARBAC2", PermTestData.ARBAC_OBJ2, PermTestData.ARBAC_OPS_2, true, false ); |
| AdminMgrImplTest.delPermObjs( "DEL-OBS ARBAC2", PermTestData.ARBAC_OBJ2, true ); |
| } |
| |
| |
| public void testGrantPermissionRole() |
| { |
| // public void grantPermission(Permission pOp, Role role) |
| AdminMgrImplTest.addRoleGrants( "GRNT-APRMS ARTR2 AROBJ1 AROPS1", AdminRoleTestData.AROLES_TR2, |
| PermTestData.ARBAC_OBJS_1, PermTestData.ARBAC_OPS_1, true, false ); |
| } |
| |
| |
| public void testRevokePermissionRole() |
| { |
| // public void revokePermission(Permission pOp, Role role) |
| AdminMgrImplTest.delRoleGrants( "REVK-APRMS ARTR2 AROBJ1 AROPS1", AdminRoleTestData.AROLES_TR2, |
| PermTestData.ARBAC_OBJS_1, PermTestData.ARBAC_OPS_1, true ); |
| } |
| |
| |
| public void testCheckAccess() |
| { |
| // public boolean checkAccess(String object, String operation, Session session) |
| checkAccess( "CHCK-ACS TU1_UPD TO1 TOP1 ", UserTestData.USERS_TU17A_ARBAC, PermTestData.ARBAC_OBJS_1, |
| PermTestData.ARBAC_OPS_1, PermTestData.ARBAC_OBJ2, PermTestData.ARBAC_OPS_2 ); |
| } |
| |
| |
| public static void checkAccess( String msg, String[][] uArray, String[][] oArray, String[][] opArray, |
| String[][] oArrayBad, String[][] opArrayBad ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelAccessMgr dAccessMgr = DelAccessMgrFactory.createInstance( TestUtils.getContext() ); |
| AccessMgr accessMgr = ( AccessMgr ) dAccessMgr; |
| for ( String[] usr : uArray ) |
| { |
| User user = UserTestData.getUser( usr ); |
| Session session = accessMgr.createSession( user, false ); |
| |
| assertNotNull( session ); |
| int i = 0; |
| for ( String[] obj : oArray ) |
| { |
| int j = 0; |
| for ( String[] op : opArray ) |
| { |
| // Call checkAccess method |
| assertTrue( |
| CLS_NM + ".checkAccess failed userId [" + user.getUserId() + "] Perm objName [" |
| + PermTestData.getName( obj ) + "] operationName [" + PermTestData.getName( op ) + "]", |
| dAccessMgr.checkAccess( session, |
| new Permission( PermTestData.getName( obj ), PermTestData.getName( op ) ) ) ); |
| j++; |
| } |
| i++; |
| } |
| i = 0; |
| for ( String[] obj : oArrayBad ) |
| { |
| int j = 0; |
| for ( String[] op : opArrayBad ) |
| { |
| // Call checkAccess method (this should fail): |
| try |
| { |
| boolean result = dAccessMgr.checkAccess( session, new Permission( PermTestData.getName( oArrayBad[i] ), |
| PermTestData.getName( opArrayBad[j] ) ) ); |
| assertTrue( |
| CLS_NM + ".checkAccess failed userId [" + user.getUserId() + "] Perm objName [" |
| + PermTestData.getName( oArrayBad[i] ) + "] operationName [" |
| + PermTestData.getName( opArrayBad[j] ) + "]", |
| !result ); |
| } |
| catch (SecurityException se) |
| { |
| // The expected condition is security exception perm not exist: |
| assertTrue( CLS_NM + ".checkAccess failed userId [" + user.getUserId() + "] Perm objName [" |
| + PermTestData.getName( oArrayBad[i] ) + "] operationName [" |
| + PermTestData.getName( opArrayBad[j] ) + "], negative use case, incorrect exception id=" + se.getErrorId(), se.getErrorId() == GlobalErrIds.PERM_NOT_EXIST ); |
| } |
| j++; |
| } |
| i++; |
| } |
| } |
| LOG.debug( "checkAccess successful" ); |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( |
| "checkAccess: caught SecurityException rc=" + ex.getErrorId() + ", msg: " + ex.getMessage(), |
| ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public void testAddRole() |
| { |
| // public Role setRole(Role role) |
| AdminMgrImplTest.addRoles( "ADD-RLS ROLES_TR14_ARBAC", RoleTestData.ROLES_TR14_ARBAC ); |
| AdminMgrImplTest.addInheritedRoles( "ADD-INHERIT-RLS ROLES_TR14_ARBAC", RoleTestData.ROLES_TR14_ARBAC ); |
| AdminMgrImplTest.addRoles( "ADD-RLS ROLES_TR15_ARBAC", RoleTestData.ROLES_TR15_ARBAC ); |
| AdminMgrImplTest.addInheritedRoles( "ADD-INHERIT-RLS ROLES_TR15_ARBAC", RoleTestData.ROLES_TR15_ARBAC ); |
| addAdminRoles( "ADD-ADMRLS TR1", AdminRoleTestData.AROLES_TR1, true ); |
| addAdminRoles( "ADD-ADMRLS TR2", AdminRoleTestData.AROLES_TR2, true ); |
| addAdminRoles( "ADD-ADMRLS TR3", AdminRoleTestData.AROLES_TR3, true ); |
| addAdminRoles( "ADD-ADMRLS TR6", AdminRoleTestData.AROLES_TR6_HIER, true ); |
| } |
| |
| |
| /** |
| * @param rArray |
| */ |
| public static void addAdminRoles( String msg, String[][] rArray, boolean isAdmin ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelAdminMgr dAdminMgr; |
| if ( isAdmin ) |
| { |
| dAdminMgr = getManagedDelegatedMgr(); |
| } |
| else |
| { |
| dAdminMgr = DelAdminMgrFactory.createInstance( TestUtils.getContext() ); |
| } |
| for ( String[] rle : rArray ) |
| { |
| AdminRole role = AdminRoleTestData.getRole( rle ); |
| AdminRole entity = dAdminMgr.addRole( role ); |
| LOG.debug( "addAdminRoles role [" + entity.getName() + "] successful" ); |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( |
| "addAdminRoles caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), |
| ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public void testDeleteRole() |
| { |
| // public void deleteRole(Role role) |
| deleteAdminRoles( "DEL-ADMRLS TR1", AdminRoleTestData.AROLES_TR1, true ); |
| deleteAdminRoles( "DEL-ADMRLS TR2", AdminRoleTestData.AROLES_TR2, true ); |
| deleteAdminRoles( "DEL-ADMRLS TR3", AdminRoleTestData.AROLES_TR3, true ); |
| deleteAdminRoles( "DEL-ADMRLS TR6", AdminRoleTestData.AROLES_TR6_HIER, true ); |
| AdminMgrImplTest.deleteInheritedRoles( "DEL-INHERIT-RLS ROLES_TR14_ARBAC", RoleTestData.ROLES_TR14_ARBAC ); |
| AdminMgrImplTest.deleteRoles( "DEL-RLS ROLES_TR14_ARBAC", RoleTestData.ROLES_TR14_ARBAC ); |
| AdminMgrImplTest.deleteInheritedRoles( "DEL-INHERIT-RLS ROLES_TR15_ARBAC", RoleTestData.ROLES_TR15_ARBAC ); |
| AdminMgrImplTest.deleteRoles( "DEL-RLS ROLES_TR15_ARBAC", RoleTestData.ROLES_TR15_ARBAC ); |
| } |
| |
| |
| /** |
| * @param rArray |
| */ |
| private void deleteAdminRoles( String msg, String[][] rArray, boolean isAdmin ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelAdminMgr dAdminMgr; |
| if ( isAdmin ) |
| { |
| dAdminMgr = getManagedDelegatedMgr(); |
| } |
| else |
| { |
| dAdminMgr = DelAdminMgrFactory.createInstance( TestUtils.getContext() ); |
| } |
| for ( String[] rle : rArray ) |
| { |
| AdminRole role = new AdminRole(); |
| role.setName( RoleTestData.getName( rle ) ); |
| dAdminMgr.deleteRole( role ); |
| LOG.debug( "deleteAdminRoles role [" + role.getName() + "] successful" ); |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( |
| "deleteAdminRoles caught SecurityException rc=" + ex.getErrorId() + ", msg=" |
| + ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public void testUpdateAdminRole() |
| { |
| // public Role updateRole(Role role) |
| updateAdminRoles( "UPD-ADMRLS TR3_UPD", AdminRoleTestData.AROLES_TR3_UPD, true ); |
| } |
| |
| |
| /** |
| * @param msg |
| * @param rArray |
| */ |
| public static void updateAdminRoles( String msg, String[][] rArray, boolean isAdmin ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelAdminMgr dAdminMgr; |
| if ( isAdmin ) |
| { |
| dAdminMgr = getManagedDelegatedMgr(); |
| } |
| else |
| { |
| dAdminMgr = DelAdminMgrFactory.createInstance( TestUtils.getContext() ); |
| } |
| for ( String[] rle : rArray ) |
| { |
| AdminRole role = AdminRoleTestData.getRole( rle ); |
| AdminRole entity = dAdminMgr.updateRole( role ); |
| LOG.debug( "updateAdminRoles role [" + entity.getName() + "] successful" ); |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( |
| "updateAdminRoles caught SecurityException rc=" + ex.getErrorId() + ", msg=" |
| + ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| public enum ASSIGN_OP |
| { |
| ASSIGN, DEASSIGN |
| } |
| |
| |
| public void testCanAssignUser() |
| { |
| //canAssignUsers("CAN-ASGN-USRS TU1 TR1", UserTestData.USERS_TU16_ARBAC, UserTestData.USERS_TU16B_ARBAC, RoleTestData.ROLES_TR14_ARBAC); |
| canAssignUsers( "CAN-ASGN-USRS URA_T1 TU17A TU17U TR15", ASSIGN_OP.ASSIGN, URATestData.URA_T1, |
| UserTestData.USERS_TU17A_ARBAC, UserTestData.USERS_TU17U_ARBAC, RoleTestData.ROLES_TR15_ARBAC ); |
| } |
| |
| |
| public void testCanDeassignUser() |
| { |
| canAssignUsers( "CAN-DEASGN-USRS URA_T1 TU17A TU17U TR15", ASSIGN_OP.DEASSIGN, URATestData.URA_T1, |
| UserTestData.USERS_TU17A_ARBAC, UserTestData.USERS_TU17U_ARBAC, RoleTestData.ROLES_TR15_ARBAC ); |
| } |
| |
| |
| /** |
| * |
| * @param msg |
| * @param op |
| * @param uraArray |
| * @param uaArray |
| * @param uArray |
| * @param rArray |
| */ |
| public static void canAssignUsers( String msg, ASSIGN_OP op, String[][] uraArray, String[][] uaArray, |
| String[][] uArray, |
| String[][] rArray ) |
| { |
| LogUtil.logIt( msg ); |
| Role role; |
| Map<URA, URA> uraTestResults = URATestData.getURAs( uraArray ); |
| |
| try |
| { |
| DelAccessMgr delAccessMgr = DelAccessMgrFactory.createInstance( TestUtils.getContext() ); |
| AccessMgr accessMgr = ( AccessMgr ) delAccessMgr; |
| int i = 0; |
| for ( String[] aUsr : uaArray ) |
| { |
| User aUser = UserTestData.getUser( aUsr ); |
| Session session = accessMgr.createSession( aUser, false ); |
| assertNotNull( session ); |
| delAccessMgr.setAdmin( session ); |
| for ( String[] usr : uArray ) |
| { |
| User user = UserTestData.getUser( usr ); |
| i++; |
| for ( String[] rle : rArray ) |
| { |
| role = RoleTestData.getRole( rle ); |
| String methodName; |
| boolean result; |
| if ( op == ASSIGN_OP.ASSIGN ) |
| { |
| result = delAccessMgr.canAssign( session, user, role ); |
| methodName = ".canAssignUsers"; |
| } |
| else |
| { |
| result = delAccessMgr.canDeassign( session, user, role ); |
| methodName = ".canDeassignUsers"; |
| } |
| |
| List<UserAdminRole> aRoles = session.getAdminRoles(); |
| assertNotNull( aRoles ); |
| assertTrue( CLS_NM + methodName + " Admin User invalid number of roles", aRoles.size() == 1 ); |
| // since this user should only have one admin role, get the first one from list: |
| UserAdminRole aRole = aRoles.get( 0 ); |
| URA sourceUra = new URA( aRole.getName(), user.getOu(), role.getName(), result ); |
| URA targetUra = uraTestResults.get( sourceUra ); |
| assertTrue( CLS_NM + methodName + " cannot find target URA admin role [" + sourceUra.getArole() |
| + " uou [" + sourceUra.getUou() + "] role [" + sourceUra.getUrole() + "] Result [" |
| + sourceUra.isCanAssign() + "] actual result [" + result + "]", targetUra != null ); |
| LOG.debug( methodName + " User [" + user.getUserId() |
| + "] success URA using admin role [" + targetUra.getArole() + " uou [" + targetUra.getUou() |
| + "] role [" + targetUra.getUrole() + "] target result [" + targetUra.isCanAssign() |
| + "] actual result [" + result + "]" ); |
| } |
| } |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( "canAssignUsers op [" + op + "] caught SecurityException rc=" + ex.getErrorId() |
| + ", msg=" + ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public void testCanGrantPerm() |
| { |
| canGrantPerms( "CAN-GRNT-PRMS PRA_T1 TU17A TOB5 TR15", GRANT_OP.GRANT, PRATestData.PRA_T1, |
| UserTestData.USERS_TU17A_ARBAC, PermTestData.OBJS_TOB5, RoleTestData.ROLES_TR15_ARBAC ); |
| } |
| |
| |
| public void testCanRevokePerm() |
| { |
| canGrantPerms( "CAN-RVKE-PRMS PRA_T1 TU17A TOB5 TR15", GRANT_OP.REVOKE, PRATestData.PRA_T1, |
| UserTestData.USERS_TU17A_ARBAC, PermTestData.OBJS_TOB5, RoleTestData.ROLES_TR15_ARBAC ); |
| } |
| |
| public enum GRANT_OP |
| { |
| GRANT, REVOKE |
| } |
| |
| |
| /** |
| * |
| * @param msg |
| * @param op |
| * @param uraArray |
| * @param uaArray |
| * @param pArray |
| * @param rArray |
| */ |
| public static void canGrantPerms( String msg, GRANT_OP op, String[][] uraArray, String[][] uaArray, |
| String[][] pArray, |
| String[][] rArray ) |
| { |
| LogUtil.logIt( msg ); |
| Role role; |
| Map<PRA, PRA> praTestResults = PRATestData.getPRAs( uraArray ); |
| |
| try |
| { |
| DelAccessMgr delAccessMgr = DelAccessMgrFactory.createInstance( TestUtils.getContext() ); |
| AccessMgr accessMgr = ( AccessMgr ) delAccessMgr; |
| int i = 0; |
| for ( String[] aUsr : uaArray ) |
| { |
| User aUser = UserTestData.getUser( aUsr ); |
| Session session = accessMgr.createSession( aUser, false ); |
| assertNotNull( session ); |
| for ( String[] prm : pArray ) |
| { |
| PermObj pObj = PermTestData.getObj( prm ); |
| i++; |
| for ( String[] rle : rArray ) |
| { |
| role = RoleTestData.getRole( rle ); |
| String methodName; |
| boolean result; |
| if ( op == GRANT_OP.GRANT ) |
| { |
| result = delAccessMgr.canGrant( session, role, new Permission( pObj.getObjName(), "" ) ); |
| methodName = ".canGrantPerms"; |
| } |
| else |
| { |
| result = delAccessMgr.canRevoke( session, role, new Permission( pObj.getObjName(), "" ) ); |
| methodName = ".canRevokePerms"; |
| } |
| |
| List<UserAdminRole> aRoles = session.getAdminRoles(); |
| assertNotNull( aRoles ); |
| assertTrue( CLS_NM + methodName + " Admin User invalid number of roles", aRoles.size() == 1 ); |
| UserAdminRole aRole = aRoles.get( 0 ); |
| PRA sourceUra = new PRA( aRole.getName(), pObj.getOu(), role.getName(), result ); |
| PRA targetUra = praTestResults.get( sourceUra ); |
| assertTrue( CLS_NM + methodName + " cannot find target PRA admin role [" + sourceUra.getArole() |
| + " pou [" + sourceUra.getPou() + "] role [" + sourceUra.getUrole() + "] Result [" |
| + sourceUra.isCanAssign() + "] actual result [" + result + "]", targetUra != null ); |
| LOG.debug( methodName + " failed target PRA admin role [" + targetUra.getArole() |
| + " pou [" + targetUra.getPou() + "] role [" + targetUra.getUrole() + "] target result [" |
| + targetUra.isCanAssign() + "] actual result [" + result + "]" ); |
| } |
| } |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( "canGrantPerms op [" + op + "] caught SecurityException rc=" + ex.getErrorId() |
| + ", msg=" + ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public void testAddOrgUnit() |
| { |
| //addOrgUnits("ADD ORGS_USR_DEV0", OrgUnitTestData.ORGS_USR_DEV0); |
| addOrgUnits( "ADD ORGS_TO1", OrgUnitTestData.ORGS_TO1 ); |
| addOrgUnits( "ADD ORGS_USR_TO2", OrgUnitTestData.ORGS_USR_TO2 ); |
| addOrgUnits( "ADD ORGS_ORGS_PRM_TO3", OrgUnitTestData.ORGS_PRM_TO3 ); |
| addOrgUnits( "ADD ORGS_PRM_TO4", OrgUnitTestData.ORGS_PRM_TO4 ); |
| addOrgUnits( "ADD ORGS_USR_TO5", OrgUnitTestData.ORGS_USR_TO5 ); |
| addOrgUnits( "ADD ORGS_PRM_TO5", OrgUnitTestData.ORGS_PRM_TO5 ); |
| // The DEV1 OU is not removed during cleanup phase because the test system users belong to it: |
| if ( FortressJUnitTest.isFirstRun() ) |
| { |
| addOrgUnits( "ADD ORGS_DEV1", OrgUnitTestData.ORGS_DEV1 ); |
| } |
| addOrgUnits( "ADD ORGS_APP1", OrgUnitTestData.ORGS_APP1 ); |
| } |
| |
| |
| public static void addOrgUnit( String msg, String[] org ) |
| { |
| LogUtil.logIt( msg ); |
| |
| try |
| { |
| DelAdminMgr dAdminMgr = DelAdminMgrFactory.createInstance( TestUtils.getContext() ); |
| OrgUnit ou = OrgUnitTestData.getOrgUnit( org ); |
| OrgUnit entity = dAdminMgr.add( ou ); |
| LOG.debug( "addOrgUnit ou [{}] successful", entity.getName() ); |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( "addOrgUnit caught SecurityException rc={}, msg={}", ex.getErrorId(), ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| /** |
| * |
| * @param msg |
| * @param oArray |
| */ |
| public static void addOrgUnits( String msg, String[][] oArray ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelAdminMgr dAdminMgr = getManagedDelegatedMgr(); |
| for ( String[] ole : oArray ) |
| { |
| OrgUnit ou = OrgUnitTestData.getOrgUnit( ole ); |
| OrgUnit entity = dAdminMgr.add( ou ); |
| LOG.debug( "addOrgUnits ou [" + entity.getName() + "] successful" ); |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( "addOrgUnits caught SecurityException=" + ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public void testDeleteOrgUnit() |
| { |
| //deleteOrgUnits("DEL ORGS_USR_DEV0", OrgUnitTestData.ORGS_USR_DEV0); |
| deleteOrgUnits( "DEL ORGS_TO1", OrgUnitTestData.ORGS_TO1 ); |
| deleteOrgUnits( "DEL ORGS_USR_TO2", OrgUnitTestData.ORGS_USR_TO2 ); |
| deleteOrgUnits( "DEL ORGS_PRM_TO3", OrgUnitTestData.ORGS_PRM_TO3 ); |
| deleteOrgUnits( "DEL ORGS_PRM_TO4", OrgUnitTestData.ORGS_PRM_TO4 ); |
| deleteOrgUnits( "DEL ORGS_USR_TO5", OrgUnitTestData.ORGS_USR_TO5 ); |
| deleteOrgUnits( "DEL ORGS_PRM_TO5", OrgUnitTestData.ORGS_PRM_TO5 ); |
| // Don't delete because the test system users will belong to DEV1 OU and cannot be removed by normal API call: |
| // deleteOrgUnits("DEL ORGS_DEV1", OrgUnitTestData.ORGS_DEV1); |
| deleteOrgUnits( "DEL ORGS_APP1", OrgUnitTestData.ORGS_APP1 ); |
| } |
| |
| |
| /** |
| * |
| * @param msg |
| * @param org |
| */ |
| private void deleteOrgUnit( String msg, String[] org ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelAdminMgr dAdminMgr = getManagedDelegatedMgr(); |
| OrgUnit ou = OrgUnitTestData.getOrgUnit( org ); |
| dAdminMgr.delete( ou ); |
| LOG.debug( "deleteOrgUnit ou [" + ou.getName() + "] successful" ); |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( "deleteOrgUnit caught SecurityException=" + ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| /** |
| * |
| * @param msg |
| * @param oArray |
| */ |
| private void deleteOrgUnits( String msg, String[][] oArray ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelAdminMgr dAdminMgr = getManagedDelegatedMgr(); |
| for ( String[] ole : oArray ) |
| { |
| OrgUnit ou = OrgUnitTestData.getOrgUnit( ole ); |
| dAdminMgr.delete( ou ); |
| LOG.debug( "deleteOrgUnits ou [" + ou.getName() + "] successful" ); |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( |
| "deleteOrgUnits caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), |
| ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public void testUpdateOrgUnit() |
| { |
| updateOrgUnits( "UPD ORGS_TO1", OrgUnitTestData.ORGS_TO1 ); |
| updateOrgUnits( "UPD ORGS_PRM_TO3", OrgUnitTestData.ORGS_PRM_TO3 ); |
| |
| } |
| |
| |
| /** |
| * |
| * @param msg |
| * @param oArray |
| */ |
| public static void updateOrgUnits( String msg, String[][] oArray ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelAdminMgr dAdminMgr = getManagedDelegatedMgr(); |
| for ( String[] ole : oArray ) |
| { |
| OrgUnit ou = OrgUnitTestData.getOrgUnit( ole ); |
| dAdminMgr.update( ou ); |
| LOG.debug( "updateOrgUnits ou [" + ou.getName() + "] successful" ); |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( |
| "updateOrgUnits caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), |
| ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public void testReadOrgUnit() |
| { |
| // public Role readRole(Role role) |
| readOrgUnits( "RD ORGS_TO1", OrgUnitTestData.ORGS_TO1 ); |
| readOrgUnits( "RD ORGS_PRM_TO3", OrgUnitTestData.ORGS_PRM_TO3 ); |
| } |
| |
| |
| /** |
| * |
| * @param msg |
| * @param oArray |
| */ |
| public static void readOrgUnits( String msg, String[][] oArray ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelReviewMgr dReviewMgr = getManagedDelegatedReviewMgr(); |
| for ( String[] ole : oArray ) |
| { |
| OrgUnit ou = OrgUnitTestData.getOrgUnit( ole ); |
| OrgUnit entity = dReviewMgr.read( ou ); |
| OrgUnitTestData.assertEquals( entity, ole ); |
| LOG.debug( "readOrgUnits [" + entity.getName() + "] successful" ); |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( |
| "readOrgUnits caught SecurityException rc=" + ex.getErrorId() + ", msg=" + ex.getMessage(), |
| ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public void testSearchOrgUnits() |
| { |
| searchOrgUnits( "SRCH ORGS_TO1", |
| TestUtils.getSrchValue( OrgUnitTestData.getName( OrgUnitTestData.ORGS_TO1[0] ) ), OrgUnitTestData.ORGS_TO1 ); |
| searchOrgUnits( "SRCH ORGS_PRM_TO3", |
| TestUtils.getSrchValue( OrgUnitTestData.getName( OrgUnitTestData.ORGS_PRM_TO3[0] ) ), |
| OrgUnitTestData.ORGS_PRM_TO3 ); |
| } |
| |
| |
| /** |
| * |
| * @param msg |
| * @param srchValue |
| * @param oArray |
| */ |
| public static void searchOrgUnits( String msg, String srchValue, String[][] oArray ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelReviewMgr dReviewMgr = getManagedDelegatedReviewMgr(); |
| // grab the type from the first entry in the test org list: |
| OrgUnit.Type type = OrgUnitTestData.getType( oArray[0] ); |
| List<OrgUnit> ous = dReviewMgr.search( type, srchValue ); |
| assertNotNull( ous ); |
| assertTrue( "searchOrgUnits list size check", oArray.length == ous.size() ); |
| for ( String[] ole : oArray ) |
| { |
| int indx = ous.indexOf( new OrgUnit( OrgUnitTestData.getName( ole ) ) ); |
| if ( indx != -1 ) |
| { |
| OrgUnit entity = ous.get( indx ); |
| assertNotNull( entity ); |
| OrgUnitTestData.assertEquals( entity, ole ); |
| LOG.debug( "searchOrgUnits [" + entity.getName() + "] successful" ); |
| } |
| else |
| { |
| msg = "searchOrgUnits srchValue [" + srchValue + "] failed list search"; |
| LogUtil.logIt( msg ); |
| fail( msg ); |
| } |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( |
| "searchOrgUnits srchValue [" + srchValue + "] caught SecurityException rc=" + ex.getErrorId() |
| + ", msg=" + ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public void testAddOrgInheritance() |
| { |
| addInheritedOrgUnits( "ADD-INHERIT ORGS_USR_TO2", OrgUnitTestData.ORGS_USR_TO2 ); |
| addInheritedOrgUnits( "ADD-INHERIT ORGS_PRM_TO4", OrgUnitTestData.ORGS_PRM_TO4 ); |
| addInheritedOrgUnits( "ADD-INHERIT ORGS_USR_TO5", OrgUnitTestData.ORGS_USR_TO5 ); |
| addInheritedOrgUnits( "ADD-INHERIT ORGS_PRM_TO5", OrgUnitTestData.ORGS_PRM_TO5 ); |
| } |
| |
| |
| /** |
| * |
| * @param msg |
| * @param oArray |
| */ |
| public static void addInheritedOrgUnits( String msg, String[][] oArray ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelAdminMgr dAdminMgr = getManagedDelegatedMgr(); |
| for ( String[] ole : oArray ) |
| { |
| OrgUnit child = OrgUnitTestData.getOrgUnit( ole ); |
| Set<String> parents = new HashSet<String>(); |
| OrgUnitTestData.getRelationship( parents, ole ); |
| |
| for ( String pOrg : parents ) |
| { |
| OrgUnit parent = new OrgUnit( pOrg ); |
| parent.setType( child.getType() ); |
| dAdminMgr.addInheritance( parent, child ); |
| LOG.debug( "addInheritedOrgUnits child org [" + child.getName() + "] parent org [" |
| + pOrg + "] successful" ); |
| } |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( |
| "addInheritedOrgUnits caught SecurityException rc=" + ex.getErrorId() + ", msg=" |
| + ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public void testDeleteOrgInheritance() |
| { |
| deleteInheritedOrgUnits( "DEL-INHERIT ORGS_USR_TO2", OrgUnitTestData.ORGS_USR_TO2 ); |
| deleteInheritedOrgUnits( "DEL-INHERIT ORGS_PRM_TO4", OrgUnitTestData.ORGS_PRM_TO4 ); |
| deleteInheritedOrgUnits( "DEL-INHERIT ORGS_USR_TO5", OrgUnitTestData.ORGS_USR_TO5 ); |
| deleteInheritedOrgUnits( "DEL-INHERIT ORGS_PRM_TO5", OrgUnitTestData.ORGS_PRM_TO5 ); |
| } |
| |
| |
| /** |
| * |
| * @param msg |
| * @param oArray |
| */ |
| private void deleteInheritedOrgUnits( String msg, String[][] oArray ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelAdminMgr dAdminMgr = getManagedDelegatedMgr(); |
| for ( String[] ole : oArray ) |
| { |
| OrgUnit child = OrgUnitTestData.getOrgUnit( ole ); |
| Set<String> parents = new HashSet<String>(); |
| OrgUnitTestData.getRelationship( parents, ole ); |
| |
| for ( String pOrg : parents ) |
| { |
| OrgUnit parent = new OrgUnit( pOrg ); |
| parent.setType( child.getType() ); |
| //public void deleteInheritance(OrgUnit parent, OrgUnit child) |
| dAdminMgr.deleteInheritance( parent, child ); |
| LOG.debug( "deleteInheritedOrgUnits child org [" + child.getName() + "] parent org [" |
| + pOrg + "] successful" ); |
| } |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( "deleteInheritedOrgUnits caught SecurityException rc=" + ex.getErrorId() + ", msg=" |
| + ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public void testReadAdminRole() |
| { |
| // public Role readRole(Role role) |
| readAdminRoles( "RD-ADMRLS TR1", AdminRoleTestData.AROLES_TR1 ); |
| readAdminRoles( "RD-ADMRLS TR2", AdminRoleTestData.AROLES_TR2 ); |
| readAdminRoles( "RD-ADMRLS TR3_UPD", AdminRoleTestData.AROLES_TR3_UPD ); |
| } |
| |
| |
| /** |
| * |
| * @param msg |
| * @param rArray |
| */ |
| public static void readAdminRoles( String msg, String[][] rArray ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelReviewMgr dReviewMgr = getManagedDelegatedReviewMgr(); |
| for ( String[] rle : rArray ) |
| { |
| AdminRole entity = dReviewMgr.readRole( AdminRoleTestData.getRole( rle ) ); |
| AdminRoleTestData.assertEquals( entity, rle ); |
| LOG.debug( "readAdminRoles [" + entity.getName() + "] successful" ); |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( "readAdminRoles caught SecurityException=" + ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public void testSearchAdminRole() |
| { |
| searchAdminRoles( "SRCH-ADMRLS TR1", |
| TestUtils.getSrchValue( RoleTestData.getName( AdminRoleTestData.AROLES_TR1[0] ) ), |
| AdminRoleTestData.AROLES_TR1 ); |
| searchAdminRoles( "SRCH-ADMRLS TR2", |
| TestUtils.getSrchValue( RoleTestData.getName( AdminRoleTestData.AROLES_TR2[0] ) ), |
| AdminRoleTestData.AROLES_TR2 ); |
| searchAdminRoles( "SRCH-ADMRLS TR3", |
| TestUtils.getSrchValue( RoleTestData.getName( AdminRoleTestData.AROLES_TR3_UPD[0] ) ), |
| AdminRoleTestData.AROLES_TR3_UPD ); |
| } |
| |
| |
| /** |
| * |
| * @param msg |
| * @param srchValue |
| * @param rArray |
| */ |
| public static void searchAdminRoles( String msg, String srchValue, String[][] rArray ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelReviewMgr dReviewMgr = getManagedDelegatedReviewMgr(); |
| List<AdminRole> roles = dReviewMgr.findRoles( srchValue ); |
| assertNotNull( roles ); |
| assertTrue( CLS_NM + "searchAdminRoles list size check", rArray.length == roles.size() ); |
| for ( String[] rle : rArray ) |
| { |
| int indx = roles.indexOf( AdminRoleTestData.getRole( rle ) ); |
| if ( indx != -1 ) |
| { |
| AdminRole entity = roles.get( indx ); |
| assertNotNull( entity ); |
| AdminRoleTestData.assertEquals( entity, rle ); |
| LOG.debug( "searchAdminRoles [" + entity.getName() + "] successful" ); |
| } |
| else |
| { |
| msg = "searchAdminRoles srchValue [" + srchValue + "] failed list search"; |
| LogUtil.logIt( msg ); |
| fail( msg ); |
| } |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( |
| "searchAdminRoles srchValue [" + srchValue + "] caught SecurityException rc=" |
| + ex.getErrorId() + ", msg=" + ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public void testAddOrgUnitDescendant() |
| { |
| addOrgUnitDescendant( "ADD ORGS-USR-TO6-DESC", OrgUnitTestData.ORGS_USR_TO6_DSC, OrgUnit.Type.USER ); |
| addOrgUnitDescendant( "ADD ORGS-PRM-TO6-DESC", OrgUnitTestData.ORGS_PRM_TO6_DSC, OrgUnit.Type.PERM ); |
| } |
| |
| |
| /** |
| * |
| * @param msg |
| * @param oArray |
| */ |
| public static void addOrgUnitDescendant( String msg, String[][] oArray, OrgUnit.Type type ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelAdminMgr dAdminMgr = getManagedDelegatedMgr(); |
| int ctr = 0; |
| for ( String[] ole : oArray ) |
| { |
| OrgUnit orgUnit = OrgUnitTestData.getOrgUnit( ole ); |
| if ( ctr++ == 0 || OrgUnitTestData.isTree( ole ) ) |
| { |
| dAdminMgr.add( orgUnit ); |
| LOG.debug( "addOrgUnitDescendant add orgUnit [" + orgUnit.getName() + "] successful" ); |
| } |
| |
| // use list because order is important for test structure: |
| List<String> descs = new ArrayList<String>(); |
| OrgUnitTestData.getRelationship( descs, ole ); |
| |
| if ( OrgUnitTestData.isTree( ole ) ) |
| { |
| OrgUnit parent = orgUnit; |
| for ( String desc : descs ) |
| { |
| OrgUnit child = new OrgUnit( desc, type ); |
| dAdminMgr.addDescendant( parent, new OrgUnit( desc, type ) ); |
| LOG.debug( "addOrgUnitDescendant asc orgUnit [" + orgUnit.getName() |
| + "] desc orgUnit [" + desc + "] successful" ); |
| parent = child; |
| } |
| } |
| else |
| { |
| for ( String desc : descs ) |
| { |
| dAdminMgr.addDescendant( orgUnit, new OrgUnit( desc, type ) ); |
| LOG.debug( "addOrgUnitDescendant asc orgUnit [" + orgUnit.getName() |
| + "] desc orgUnit [" + desc + "] successful" ); |
| } |
| } |
| |
| Set<String> inheritances = OrgUnitTestData.getInheritances( ole ); |
| if ( inheritances != null ) |
| { |
| for ( String desc : inheritances ) |
| { |
| dAdminMgr.addInheritance( orgUnit, new OrgUnit( desc, type ) ); |
| LOG.debug( "addOrgUnitDescendant asc orgUnit [" + orgUnit.getName() |
| + "] desc orgUnit [" + desc + "] successful" ); |
| } |
| } |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( |
| "addOrgUnitDescendant caught SecurityException rc=" + ex.getErrorId() + ", msg=" |
| + ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public void testDelOrgUnitDescendant() throws SecurityException |
| { |
| delOrgUnitDescendant( "DEL-ORGS-USR-TO6-DESC", OrgUnitTestData.ORGS_USR_TO6_DSC, OrgUnit.Type.USER ); |
| delOrgUnitDescendant( "DEL-ORGS-PRM-TO6-DESC", OrgUnitTestData.ORGS_PRM_TO6_DSC, OrgUnit.Type.PERM ); |
| } |
| |
| |
| /** |
| * |
| * @param msg |
| */ |
| private void delOrgUnitDescendant( String msg, String[][] oArray, OrgUnit.Type type ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelAdminMgr dAdminMgr = getManagedDelegatedMgr(); |
| for ( String[] ole : oArray ) |
| { |
| OrgUnit orgUnit = OrgUnitTestData.getOrgUnit( ole ); |
| // use list because order is important for test structure: |
| List<String> descs = new ArrayList<String>(); |
| OrgUnitTestData.getRelationship( descs, ole ); |
| |
| if ( OrgUnitTestData.isTree( ole ) ) |
| { |
| OrgUnit parent = orgUnit; |
| for ( String desc : descs ) |
| { |
| OrgUnit child = new OrgUnit( desc ); |
| dAdminMgr.deleteInheritance( parent, new OrgUnit( desc, type ) ); |
| LOG.debug( "delOrgUnitDescendant asc orgUnit [" + orgUnit.getName() |
| + "] desc orgUnit [" + desc + "] successful" ); |
| parent = child; |
| } |
| } |
| else |
| { |
| for ( String desc : descs ) |
| { |
| dAdminMgr.deleteInheritance( orgUnit, new OrgUnit( desc, type ) ); |
| LOG.debug( "delOrgUnitDescendant asc orgUnit [" + orgUnit.getName() |
| + "] desc orgUnit [" + desc + "] successful" ); |
| } |
| } |
| |
| Set<String> inheritances = OrgUnitTestData.getInheritances( ole ); |
| if ( inheritances != null ) |
| { |
| for ( String desc : inheritances ) |
| { |
| dAdminMgr.deleteInheritance( orgUnit, new OrgUnit( desc, type ) ); |
| LOG.debug( "delOrgUnitDescendant asc orgUnit [" + orgUnit.getName() |
| + "] desc orgUnit [" + desc + "] successful" ); |
| } |
| } |
| dAdminMgr.delete( orgUnit ); |
| LOG.debug( "delOrgUnitDescendant remove asc orgUnit [" + orgUnit.getName() + "] successful" ); |
| } |
| |
| // cleanup the last row of descendants from orgUnit data set. |
| DelReviewMgr dReviewMgr = getManagedDelegatedReviewMgr(); |
| String orgUnitSrchVal = TestUtils.getSrchValue( OrgUnitTestData.getName( oArray[0] ) ); |
| List<OrgUnit> cleanup = dReviewMgr.search( type, orgUnitSrchVal ); |
| for ( OrgUnit oe : cleanup ) |
| { |
| dAdminMgr.delete( oe ); |
| LOG.debug( "delOrgUnitDescendant cleanup orgUnit [" + oe.getName() + "] successful" ); |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( |
| "delOrgUnitDescendant caught SecurityException rc=" + ex.getErrorId() + ", msg=" |
| + ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public void testAddOrgUnitAscendants() |
| { |
| addOrgUnitAscendant( "ADD-ORGS-USR-TR7-ASC", OrgUnitTestData.ORGS_USR_TO7_ASC, OrgUnit.Type.USER ); |
| addOrgUnitAscendant( "ADD-ORGS-PRM-TR7-ASC", OrgUnitTestData.ORGS_PRM_TO7_ASC, OrgUnit.Type.PERM ); |
| |
| } |
| |
| |
| /** |
| * |
| * @param msg |
| * @param oArray |
| * @param type |
| */ |
| public static void addOrgUnitAscendant( String msg, String[][] oArray, OrgUnit.Type type ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelAdminMgr dAdminMgr = getManagedDelegatedMgr(); |
| for ( String[] ole : oArray ) |
| { |
| OrgUnit orgUnit = OrgUnitTestData.getOrgUnit( ole ); |
| if ( OrgUnitTestData.isCreate( ole ) ) |
| { |
| dAdminMgr.add( orgUnit ); |
| LOG.debug( "addOrgUnitAscendant add orgUnit [" + orgUnit.getName() + "] successful" ); |
| } |
| |
| Set<String> ascs = new HashSet<String>(); |
| OrgUnitTestData.getRelationship( ascs, ole ); |
| |
| for ( String asc : ascs ) |
| { |
| dAdminMgr.addAscendant( orgUnit, new OrgUnit( asc, type ) ); |
| LOG.debug( "addOrgUnitAscendant desc role [" + orgUnit.getName() + "] asc role [" |
| + asc + "] successful" ); |
| } |
| |
| Set<String> inheritances = OrgUnitTestData.getInheritances( ole ); |
| if ( inheritances != null ) |
| { |
| for ( String asc : inheritances ) |
| { |
| dAdminMgr.addInheritance( new OrgUnit( asc, type ), orgUnit ); |
| LOG.debug( "addOrgUnitAscendant desc role [" + orgUnit.getName() + "] asc role [" |
| + asc + "] successful" ); |
| } |
| } |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( |
| "addOrgUnitAscendant caught SecurityException rc=" + ex.getErrorId() + ", msg=" |
| + ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public void testDelOrgUnitAscendant() |
| { |
| delOrgUnitAscendant( "DEL-ORGS-USR-TR7-ASC", OrgUnitTestData.ORGS_USR_TO7_ASC, OrgUnit.Type.USER ); |
| delOrgUnitAscendant( "DEL-ORGS-PRM-TR7-ASC", OrgUnitTestData.ORGS_PRM_TO7_ASC, OrgUnit.Type.PERM ); |
| } |
| |
| |
| /** |
| * |
| * @param msg |
| * @param oArray |
| */ |
| private void delOrgUnitAscendant( String msg, String[][] oArray, OrgUnit.Type type ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelAdminMgr dAdminMgr = getManagedDelegatedMgr(); |
| for ( String[] ole : oArray ) |
| { |
| OrgUnit orgUnit = OrgUnitTestData.getOrgUnit( ole ); |
| Set<String> ascs = new HashSet<String>(); |
| OrgUnitTestData.getRelationship( ascs, ole ); |
| |
| for ( String asc : ascs ) |
| { |
| dAdminMgr.deleteInheritance( new OrgUnit( asc, type ), orgUnit ); |
| LOG.debug( "delOrgUnitAscendant desc orgUnit [" + orgUnit.getName() |
| + "] asc orgUnit [" + asc + "] successful" ); |
| } |
| |
| Set<String> inheritances = OrgUnitTestData.getInheritances( ole ); |
| if ( inheritances != null ) |
| { |
| for ( String asc : inheritances ) |
| { |
| dAdminMgr.deleteInheritance( new OrgUnit( asc, type ), orgUnit ); |
| LOG.debug( "delOrgUnitAscendant desc orgUnit [" + orgUnit.getName() |
| + "] asc orgUnit [" + asc + "] successful" ); |
| } |
| } |
| dAdminMgr.delete( orgUnit ); |
| LOG.debug( "delOrgUnitAscendant remove desc orgUnit [" + orgUnit.getName() + "] successful" ); |
| } |
| |
| // cleanup the top ascendant from orgUnit data set. |
| DelReviewMgr dReviewMgr = getManagedDelegatedReviewMgr(); |
| String orgUnitSrchVal = OrgUnitTestData.getName( oArray[0] ); |
| // stip off prefix and search: |
| orgUnitSrchVal = orgUnitSrchVal.substring( 0, 3 ); |
| List<OrgUnit> cleanup = dReviewMgr.search( type, orgUnitSrchVal ); |
| for ( OrgUnit oe : cleanup ) |
| { |
| dAdminMgr.delete( oe ); |
| LOG.debug( "delOrgUnitAscendant cleanup orgUnit [" + oe.getName() + "] successful" ); |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( |
| "delOrgUnitAscendant caught SecurityException rc=" + ex.getErrorId() + ", msg=" |
| + ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public void testAddAdminRoleDescendant() |
| { |
| addAdminRoleDescendant( "ADD-ARLS-TR5-DESC", AdminRoleTestData.AROLES_TR5_DSC ); |
| } |
| |
| |
| /** |
| * |
| * @param msg |
| * @param rArray |
| */ |
| public static void addAdminRoleDescendant( String msg, String[][] rArray ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelAdminMgr dAdminMgr = getManagedDelegatedMgr(); |
| int ctr = 0; |
| for ( String[] rle : rArray ) |
| { |
| AdminRole adminRole = AdminRoleTestData.getRole( rle ); |
| if ( ctr++ == 0 || RoleTestData.isTree( rle ) ) |
| { |
| dAdminMgr.addRole( adminRole ); |
| LOG.debug( "addAdminRoleDescendant add role [" + adminRole.getName() + "] successful" ); |
| } |
| |
| // use list because order is important for test structure: |
| List<String> descs = RoleTestData.getRelationshipList( rle ); |
| if ( descs != null ) |
| { |
| if ( RoleTestData.isTree( rle ) ) |
| { |
| AdminRole parent = adminRole; |
| for ( String desc : descs ) |
| { |
| AdminRole child = new AdminRole( desc ); |
| dAdminMgr.addDescendant( parent, new AdminRole( desc ) ); |
| LOG.debug( "addAdminRoleDescendant asc role [" + adminRole.getName() |
| + "] desc role [" + desc + "] successful" ); |
| parent = child; |
| } |
| } |
| else |
| { |
| for ( String desc : descs ) |
| { |
| dAdminMgr.addDescendant( adminRole, new AdminRole( desc ) ); |
| LOG.debug( "addAdminRoleDescendant asc role [" + adminRole.getName() |
| + "] desc role [" + desc + "] successful" ); |
| } |
| } |
| } |
| |
| Set<String> inheritances = RoleTestData.getInheritances( rle ); |
| if ( inheritances != null ) |
| { |
| for ( String desc : inheritances ) |
| { |
| dAdminMgr.addInheritance( adminRole, new AdminRole( desc ) ); |
| LOG.debug( "addAdminRoleDescendant asc role [" + adminRole.getName() |
| + "] desc role [" + desc + "] successful" ); |
| } |
| } |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( "addAdminRoleDescendant caught SecurityException rc=" + ex.getErrorId() + ", msg=" |
| + ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public void testDelAdminRoleDescendant() throws SecurityException |
| { |
| delAdminRoleDescendant( "DEL-ARLS-TR5-DESC", AdminRoleTestData.AROLES_TR5_DSC ); |
| } |
| |
| |
| private void delAdminRoleDescendant( String msg, String[][] rArray ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelAdminMgr dAdminMgr = getManagedDelegatedMgr(); |
| for ( String[] rle : rArray ) |
| { |
| AdminRole adminRole = AdminRoleTestData.getRole( rle ); |
| // use list because order is important for test structure: |
| List<String> descs = RoleTestData.getRelationshipList( rle ); |
| if ( descs != null ) |
| { |
| if ( RoleTestData.isTree( rle ) ) |
| { |
| AdminRole parent = adminRole; |
| for ( String desc : descs ) |
| { |
| AdminRole child = new AdminRole( desc ); |
| dAdminMgr.deleteInheritance( parent, new AdminRole( desc ) ); |
| LOG.debug( "delAdminRoleDescendant asc adminRole [" + adminRole.getName() |
| + "] desc adminRole [" + desc + "] successful" ); |
| parent = child; |
| } |
| } |
| else |
| { |
| for ( String desc : descs ) |
| { |
| dAdminMgr.deleteInheritance( adminRole, new AdminRole( desc ) ); |
| LOG.debug( "delAdminRoleDescendant asc adminRole [" + adminRole.getName() |
| + "] desc adminRole [" + desc + "] successful" ); |
| } |
| } |
| } |
| |
| Set<String> inheritances = RoleTestData.getInheritances( rle ); |
| if ( inheritances != null ) |
| { |
| for ( String desc : inheritances ) |
| { |
| dAdminMgr.deleteInheritance( adminRole, new AdminRole( desc ) ); |
| LOG.debug( "delAdminRoleDescendant asc adminRole [" + adminRole.getName() |
| + "] desc adminRole [" + desc + "] successful" ); |
| } |
| } |
| dAdminMgr.deleteRole( adminRole ); |
| LOG.debug( "delAdminRoleDescendant remove asc adminRole [" + adminRole.getName() |
| + "] successful" ); |
| } |
| |
| // cleanup the last row of descendants from orgUnit data set. |
| DelReviewMgr dReviewMgr = getManagedDelegatedReviewMgr(); |
| String srchVal = TestUtils.getSrchValue( RoleTestData.getName( rArray[0] ) ); |
| List<AdminRole> cleanup = dReviewMgr.findRoles( srchVal ); |
| |
| for ( Role re : cleanup ) |
| { |
| dAdminMgr.deleteRole( (AdminRole)re ); |
| LOG.debug( "delAdminRoleDescendant cleanup adminRole [" + re.getName() + "] successful" ); |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( |
| "delOrgUnitDescendant caught SecurityException rc=" + ex.getErrorId() + ", msg=" |
| + ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public void testAddAdminRoleAscendants() |
| { |
| addAdminRoleAscendant( "ADD-ARLS-TR4-ASC", AdminRoleTestData.AROLES_TR4_ASC ); |
| } |
| |
| |
| /** |
| * |
| * @param msg |
| * @param rArray |
| */ |
| public static void addAdminRoleAscendant( String msg, String[][] rArray ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelAdminMgr dAdminMgr = getManagedDelegatedMgr(); |
| for ( String[] rle : rArray ) |
| { |
| AdminRole adminRole = AdminRoleTestData.getRole( rle ); |
| if ( RoleTestData.isCreate( rle ) ) |
| { |
| dAdminMgr.addRole( adminRole ); |
| LOG.debug( "addAdminRoleAscendant add adminRole [" + adminRole.getName() + "] successful" ); |
| } |
| Set<String> ascs = RoleTestData.getRelationships( rle ); |
| if ( ascs != null ) |
| { |
| for ( String asc : ascs ) |
| { |
| dAdminMgr.addAscendant( adminRole, new AdminRole( asc ) ); |
| LOG.debug( "addAdminRoleAscendant desc role [" + adminRole.getName() + "] asc role [" |
| + asc + "] successful" ); |
| } |
| } |
| Set<String> inheritances = RoleTestData.getInheritances( rle ); |
| if ( inheritances != null ) |
| { |
| for ( String asc : inheritances ) |
| { |
| dAdminMgr.addInheritance( new AdminRole( asc ), adminRole ); |
| LOG.debug( "addAdminRoleAscendant desc role [" + adminRole.getName() + "] asc role [" |
| + asc + "] successful" ); |
| } |
| } |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( |
| "addAdminRoleAscendant caught SecurityException rc=" + ex.getErrorId() + ", msg=" |
| + ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public void testDelAdminRoleAscendant() |
| { |
| delAdminRoleAscendant( "DEL-ARLS-TR4-ASC", AdminRoleTestData.AROLES_TR4_ASC ); |
| } |
| |
| |
| /** |
| * |
| * @param msg |
| * @param rArray |
| */ |
| private void delAdminRoleAscendant( String msg, String[][] rArray ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelAdminMgr dAdminMgr = getManagedDelegatedMgr(); |
| for ( String[] rle : rArray ) |
| { |
| AdminRole adminRole = AdminRoleTestData.getRole( rle ); |
| Set<String> ascs = RoleTestData.getRelationships( rle ); |
| if ( ascs != null ) |
| { |
| for ( String asc : ascs ) |
| { |
| dAdminMgr.deleteInheritance( new AdminRole( asc ), adminRole ); |
| LOG.debug( "delAdminRoleAscendant desc adminRole [" + adminRole.getName() |
| + "] asc adminRole [" + asc + "] successful" ); |
| } |
| } |
| |
| Set<String> inheritances = RoleTestData.getInheritances( rle ); |
| if ( inheritances != null ) |
| { |
| for ( String asc : inheritances ) |
| { |
| dAdminMgr.deleteInheritance( new AdminRole( asc ), adminRole ); |
| LOG.debug( "delAdminRoleAscendant desc adminRole [" + adminRole.getName() |
| + "] asc orgUnit [" + asc + "] successful" ); |
| } |
| } |
| dAdminMgr.deleteRole( adminRole ); |
| LOG.debug( "delAdminRoleAscendant remove desc adminRole [" + adminRole.getName() |
| + "] successful" ); |
| } |
| |
| // cleanup the top ascendant from orgUnit data set. |
| DelReviewMgr dReviewMgr = getManagedDelegatedReviewMgr(); |
| String adminRoleSrchVal = RoleTestData.getName( rArray[0] ); |
| // stip off prefix and search: |
| adminRoleSrchVal = adminRoleSrchVal.substring( 0, 3 ); |
| List<AdminRole> cleanup = dReviewMgr.findRoles( adminRoleSrchVal ); |
| for ( AdminRole re : cleanup ) |
| { |
| dAdminMgr.deleteRole( re ); |
| LOG.debug( "delAdminRoleAscendant cleanup adminRole [" + re.getName() + "] successful" ); |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( |
| "delAdminRoleAscendant caught SecurityException rc=" + ex.getErrorId() + ", msg=" |
| + ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public void testAddAdminRoleInheritance() |
| { |
| addInheritedAdminRoles( "ADD-ARLS-TR6-HIER", AdminRoleTestData.AROLES_TR6_HIER ); |
| } |
| |
| |
| /** |
| * |
| * @param msg |
| * @param rArray |
| */ |
| public static void addInheritedAdminRoles( String msg, String[][] rArray ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelAdminMgr dAdminMgr = getManagedDelegatedMgr(); |
| for ( String[] rle : rArray ) |
| { |
| AdminRole role = AdminRoleTestData.getRole( rle ); |
| Set<String> parents = RoleTestData.getRelationships( rle ); |
| if ( parents != null ) |
| { |
| for ( String pRole : parents ) |
| { |
| dAdminMgr.addInheritance( new AdminRole( pRole ), role ); |
| LOG.debug( "addInheritedAdminRoles child role [" + role.getName() + "] parent role [" |
| + pRole + "] successful" ); |
| } |
| } |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( "addInheritedAdminRoles caught SecurityException rc=" + ex.getErrorId() + ", msg=" |
| + ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| public void testDeleteAdminRoleInheritance() |
| { |
| deleteInheritedAdminRoles( "DEL-ARLS-TR6-HIER", AdminRoleTestData.AROLES_TR6_HIER ); |
| } |
| |
| |
| /** |
| * |
| * @param msg |
| * @param rArray |
| */ |
| private static void deleteInheritedAdminRoles( String msg, String[][] rArray ) |
| { |
| LogUtil.logIt( msg ); |
| try |
| { |
| DelAdminMgr dAdminMgr = getManagedDelegatedMgr(); |
| for ( String[] rle : rArray ) |
| { |
| AdminRole role = AdminRoleTestData.getRole( rle ); |
| Set<String> parents = RoleTestData.getRelationships( rle ); |
| if ( parents != null ) |
| { |
| for ( String pRole : parents ) |
| { |
| dAdminMgr.deleteInheritance( new AdminRole( pRole ), role ); |
| LOG.debug( "deleteInheritedAdminRoles child role [" + role.getName() |
| + "] parent role [" + pRole + "] successful" ); |
| } |
| } |
| } |
| } |
| catch ( SecurityException ex ) |
| { |
| LOG.error( "deleteInheritedAdminRoles caught SecurityException rc=" + ex.getErrorId() + ", msg=" |
| + ex.getMessage(), ex ); |
| fail( ex.getMessage() ); |
| } |
| } |
| |
| |
| /** |
| * |
| * @return |
| * @throws SecurityException |
| */ |
| private static DelReviewMgr getManagedDelegatedReviewMgr() throws SecurityException |
| { |
| DelReviewMgr dReviewMgr = DelReviewMgrFactory.createInstance( TestUtils.getContext() ); |
| if ( FortressJUnitTest.isAdminEnabled() && adminSess == null ) |
| { |
| adminSess = DelegatedMgrImplTest.createAdminSession(); |
| } |
| dReviewMgr.setAdmin( adminSess ); |
| return dReviewMgr; |
| } |
| |
| |
| private static DelReviewMgr getDelegatedReviewMgr() throws SecurityException |
| { |
| return DelReviewMgrFactory.createInstance( TestUtils.getContext() ); |
| } |
| |
| |
| /** |
| * |
| * @return |
| * @throws SecurityException |
| */ |
| private static DelAdminMgr getManagedDelegatedMgr() throws SecurityException |
| { |
| if ( FortressJUnitTest.isAdminEnabled() && adminSess == null ) |
| { |
| adminSess = DelegatedMgrImplTest.createAdminSession(); |
| } |
| return DelAdminMgrFactory.createInstance( TestUtils.getContext(), adminSess ); |
| } |
| |
| |
| /** |
| * |
| * @return |
| */ |
| public static boolean loadAdminPolicy() |
| { |
| boolean result = true; |
| try |
| { |
| ReviewMgr rMgr = ReviewMgrFactory.createInstance( TestUtils.getContext() ); |
| User admin = UserTestData.getUser( UserTestData.USERS_TU0[0] ); |
| rMgr.readUser( admin ); |
| result = false; |
| } |
| catch ( SecurityException se ) |
| { |
| String info = " loadAdminPolicy detected admin policy not loaded"; |
| LOG.debug( info ); |
| } |
| return result; |
| } |
| |
| |
| /** |
| * |
| */ |
| public static Session createAdminSession() |
| { |
| Session adminSess = null; |
| try |
| { |
| AccessMgr accessMgr = AccessMgrFactory.createInstance( TestUtils.getContext() ); |
| User admin; |
| // If these tests are invoked via REST, the admin creds will configured as fortress.properties, otherwise part of the test data. |
| if(Config.getInstance().isRestEnabled()) |
| { |
| admin = new User(Config.getInstance().getProperty( GlobalIds.HTTP_UID_PROP ), Config.getInstance().getProperty( GlobalIds.HTTP_PW_PROP )); |
| } |
| else |
| { |
| admin = UserTestData.getUser( UserTestData.USERS_TU0[0] ); |
| } |
| adminSess = accessMgr.createSession( admin, false ); |
| } |
| catch ( SecurityException ex ) |
| { |
| String error = " static initializer caught SecurityException rc=" + ex.getErrorId() + ", msg=" |
| + ex.getMessage(); |
| LOG.error( error ); |
| } |
| return adminSess; |
| } |
| } |