| /* |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * https://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, |
| * software distributed under the License is distributed on an |
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| * KIND, either express or implied. See the License for the |
| * specific language governing permissions and limitations |
| * under the License. |
| * |
| */ |
| package org.apache.directory.fortress.core.impl; |
| |
| import org.apache.directory.fortress.core.ldap.LdapCounters; |
| import org.apache.directory.fortress.core.ldap.LdapDataProvider; |
| import org.apache.directory.fortress.core.util.Config; |
| |
| import junit.framework.Test; |
| import junit.framework.TestCase; |
| import junit.framework.TestSuite; |
| |
| /** |
| * This JUnit test class drives all of the Fortress Administration APIs contained within {@link AdminMgrImplTest}, |
| * {@link DelegatedMgrImplTest}, {@link org.apache.directory.fortress.core.impl.PwPolicyMgrImpl} and {@link org.apache.directory.fortress.core.impl.AuditMgrImpl}. |
| * There are more than 150 distinct test cases that kicked off from within this JUnit test wrapper. |
| * Fortress JUnit test phases in this file include: |
| * 1. Tear-down data (optional) - during this phase previously loaded test data is removed from directory. |
| * 2. Buildup data - add it back. |
| * 3. Interrogate data - entity and security policy review APIs. |
| * 4. Check data - runtime security rule evaluations. |
| * 4. Audit data - validate audit log coverage. |
| * <p> |
| * Note: Data is retained in LDAP directory after these tests run (assuming the client was able to connect |
| * to the LDAP server). |
| * |
| * @author <a href="mailto:dev@directory.apache.org">Apache Directory Project</a> |
| */ |
| public class FortressJUnitTest extends TestCase |
| { |
| private static boolean adminEnabled; |
| |
| public static boolean isAdminEnabled() |
| { |
| return adminEnabled; |
| } |
| |
| private static void setAdminEnabled( boolean adminVal ) |
| { |
| adminEnabled = adminVal; |
| } |
| |
| private static boolean isFirstRun = getFirstRun(); |
| //private static boolean isFirstRun = true; |
| |
| private static boolean getFirstRun() |
| { |
| isFirstRun = !ReviewMgrImplTest.teardownRequired( "TD-RLS TR1", RoleTestData.ROLES_TR1 ); |
| return isFirstRun; |
| } |
| |
| public static boolean isFirstRun() |
| { |
| return isFirstRun; |
| } |
| |
| @Deprecated |
| public static void setFirstRun( boolean firstRun ) |
| { |
| isFirstRun = firstRun; |
| } |
| |
| /** |
| * @return |
| */ |
| public static Test suite() |
| { |
| TestSuite suite = new TestSuite(); |
| //setAdminEnabled(false); |
| setAdminEnabled( true ); |
| /***********************************************************/ |
| /* 0. Load the base Admin Policy if need be: |
| /***********************************************************/ |
| if ( DelegatedMgrImplTest.loadAdminPolicy() ) |
| { |
| // ARBAC Buildup APIs: |
| suite.addTest( new DelegatedMgrImplTest( "testAddAdminUser" ) ); |
| } |
| |
| /***********************************************************/ |
| /* 1. Tear Down Phase */ |
| /***********************************************************/ |
| if ( !isFirstRun() ) |
| { |
| // PwPolicyMgr PW Policy Teardown: |
| if ( Config.getInstance().isOpenldap() || Config.getInstance().isApacheds() ) |
| { |
| suite.addTest( new PswdPolicyMgrImplTest( "testDeletePasswordPolicy" ) ); |
| } |
| |
| suite.addTest( new AdminMgrImplTest( "testDisableRoleConstraint" ) ); |
| |
| // GroupMgr |
| suite.addTest( new GroupMgrImplTest( "testDeassignGroupRoleMember" ) ); |
| suite.addTest( new GroupMgrImplTest( "testDeassignGroupUserMember" ) ); |
| suite.addTest( new GroupMgrImplTest( "testDeleteGroup" ) ); |
| |
| // AdminMgrImplTest RBAC Teardown APIs: |
| suite.addTest( new AdminMgrImplTest( "testRevokePermissionUser" ) ); |
| suite.addTest( new AdminMgrImplTest( "testRevokePermissionRole" ) ); |
| suite.addTest( new AdminMgrImplTest( "testDeletePermissionOp" ) ); |
| suite.addTest( new AdminMgrImplTest( "testDeletePermissionObj" ) ); |
| suite.addTest( new AdminMgrImplTest( "testDeletePermissionAttributeSets" ) ); |
| suite.addTest( new AdminMgrImplTest( "testDeassignUserRoleConstraints" ) ); |
| suite.addTest( new AdminMgrImplTest( "testDeassignUser" ) ); |
| |
| |
| // Requires password policies: |
| if ( Config.getInstance().isOpenldap() || Config.getInstance().isApacheds() ) |
| { |
| suite.addTest( new AdminMgrImplTest( "testDeleteUser" ) ); |
| } |
| |
| suite.addTest( new AdminMgrImplTest( "testForceDeleteUser" ) ); |
| suite.addTest( new AdminMgrImplTest( "testDeleteSsdRoleMember" ) ); |
| suite.addTest( new AdminMgrImplTest( "testDeleteDsdRoleMember" ) ); |
| suite.addTest( new AdminMgrImplTest( "testDeleteSsdSet" ) ); |
| suite.addTest( new AdminMgrImplTest( "testDeleteDsdSet" ) ); |
| suite.addTest( new AdminMgrImplTest( "testDeleteRoleInheritance" ) ); |
| suite.addTest( new AdminMgrImplTest( "testDelRoleDescendant" ) ); |
| suite.addTest( new AdminMgrImplTest( "testDelRoleAscendant" ) ); |
| suite.addTest( new AdminMgrImplTest( "testDeleteRole" ) ); |
| if ( Config.getInstance().isOpenldap() || Config.getInstance().isApacheds() ) |
| { |
| suite.addTest( new PswdPolicyMgrImplTest( "testDelete" ) ); |
| } |
| |
| // DelAdminMgr ARBAC Teardown APIs |
| suite.addTest( new DelegatedMgrImplTest( "testRevokePermissionRole" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testDeassignAdminUser" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testDeleteUser" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testDeletePermission" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testDelAdminRoleDescendant" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testDelAdminRoleAscendant" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testDeleteAdminRoleInheritance" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testDeleteRole" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testDeleteOrgInheritance" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testDelOrgUnitDescendant" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testDelOrgUnitAscendant" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testDeleteOrgUnit" ) ); |
| //suite.addTest(new DelegatedMgrImplTest("testDeleteAdminUser")); |
| } |
| |
| /***********************************************************/ |
| /* 2. Build Up */ |
| /***********************************************************/ |
| // PW PolicyMgr APIs: |
| if ( Config.getInstance().isOpenldap() || Config.getInstance().isApacheds() ) |
| { |
| suite.addTest( new PswdPolicyMgrImplTest( "testAdd" ) ); |
| suite.addTest( new PswdPolicyMgrImplTest( "testUpdate" ) ); |
| } |
| |
| // DelegatedAdminMgrImplTest ARBAC Buildup APIs: |
| suite.addTest( new DelegatedMgrImplTest( "testAddOrgUnit" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testUpdateOrgUnit" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testAddOrgInheritance" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testAddOrgUnitDescendant" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testAddOrgUnitAscendants" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testAddRole" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testUpdateAdminRole" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testAddAdminRoleDescendant" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testAddAdminRoleAscendants" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testAddAdminRoleInheritance" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testAddUser" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testAddPermission" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testAssignAdminUser" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testGrantPermissionRole" ) ); |
| |
| // AdminMgr RBAC APIs: |
| suite.addTest( new AdminMgrImplTest( "testAddRole" ) ); |
| suite.addTest( new AdminMgrImplTest( "testAddRoleInheritance" ) ); |
| suite.addTest( new AdminMgrImplTest( "testAddRoleDescendant" ) ); |
| suite.addTest( new AdminMgrImplTest( "testAddRoleAscendants" ) ); |
| suite.addTest( new AdminMgrImplTest( "testCreateSsdSet" ) ); |
| suite.addTest( new AdminMgrImplTest( "testCreateDsdSet" ) ); |
| suite.addTest( new AdminMgrImplTest( "testAddSsdRoleMember" ) ); |
| suite.addTest( new AdminMgrImplTest( "testAddDsdRoleMember" ) ); |
| suite.addTest( new AdminMgrImplTest( "testSsdCardinality" ) ); |
| suite.addTest( new AdminMgrImplTest( "testDsdCardinality" ) ); |
| suite.addTest( new AdminMgrImplTest( "testUpdateRole" ) ); |
| suite.addTest( new AdminMgrImplTest( "testAddUser" ) ); |
| suite.addTest( new AdminMgrImplTest( "testUpdateUser" ) ); |
| if ( Config.getInstance().isOpenldap() || Config.getInstance().isApacheds() ) |
| { |
| suite.addTest( new PswdPolicyMgrImplTest( "testUpdatePasswordPolicy" ) ); |
| } |
| suite.addTest( new AdminMgrImplTest( "testAssignUser" ) ); |
| suite.addTest( new AdminMgrImplTest( "testEnableRoleConstraint" ) ); |
| suite.addTest( new AdminMgrImplTest( "testAssignUserRoleConstraints" ) ); |
| suite.addTest( new AdminMgrImplTest( "testAddPermissionObj" ) ); |
| suite.addTest( new AdminMgrImplTest( "testUpdatePermissionObj" ) ); |
| suite.addTest( new AdminMgrImplTest( "testAddPermissionOp" ) ); |
| suite.addTest( new AdminMgrImplTest( "testUpdatePermissionOp" ) ); |
| suite.addTest( new AdminMgrImplTest( "testGrantPermissionRole" ) ); |
| suite.addTest( new AdminMgrImplTest( "testGrantPermissionUser" ) ); |
| suite.addTest( new AdminMgrImplTest( "testAddPermissionAttributeSet" ) ); |
| suite.addTest( new AdminMgrImplTest( "testAddPermissionAttributeToSet" ) ); |
| suite.addTest( new AdminMgrImplTest( "testAddPASetToPermission" ) ); |
| suite.addTest( new AdminMgrImplTest( "testAddUserRoleConstraint" ) ); |
| suite.addTest( new AdminMgrImplTest( "testRemoveUserRoleConstraint" ) ); |
| |
| // GroupMgr APIs |
| suite.addTest( new GroupMgrImplTest( "testAddGroup" ) ); |
| suite.addTest( new GroupMgrImplTest( "testAssignGroupUserMember" ) ); |
| suite.addTest( new GroupMgrImplTest( "testAssignGroupRoleMember" ) ); |
| suite.addTest( new GroupMgrImplTest( "testGroupRoles" ) ); |
| suite.addTest( new GroupMgrImplTest( "testRoleGroups" ) ); |
| |
| // PropertyMgr APIs |
| suite.addTest( new PropertyMgrImplTest( "testCrudProperties" ) ); |
| |
| /***********************************************************/ |
| /* 3. Interrogation */ |
| /***********************************************************/ |
| // DelReviewMgr ARBAC: |
| suite.addTest( new DelegatedMgrImplTest( "testReadOrgUnit" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testSearchOrgUnits" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testReadAdminRole" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testSearchAdminRole" ) ); |
| |
| // ReviewMgr RBAC: |
| if ( Config.getInstance().isOpenldap() || Config.getInstance().isApacheds() ) |
| { |
| suite.addTest( new PswdPolicyMgrImplTest( "testRead" ) ); |
| suite.addTest( new PswdPolicyMgrImplTest( "testSearch" ) ); |
| } |
| suite.addTest( new ReviewMgrImplTest( "testReadRole" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testFindRoles" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testFindRoleNms" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testReadUser" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testFindUsers" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testFindUserIds" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testAssignedRoles" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testAssignedRoleNms" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testAuthorizedRoles" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testAuthorizedUsers" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testAuthorizedUserIds" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testAuthorizedUsersHier" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testReadPermissionObj" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testFindPermissionObjs" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testReadPermissionOp" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testFindPermissionOps" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testRolePermissions" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testPermissionRoles" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testAuthorizedPermissionRoles" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testPermissionUsers" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testAuthorizedPermissionUsers" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testUserPermissions" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testFindSsdSets" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testFindDsdSets" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testAssignedUserRoleConstraints" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testReadPermissionAttributeSets" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testReadPASetFromPermission" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testReadUserRoleConstraint" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testFindRoleConstraints" ) ); |
| suite.addTest( new ReviewMgrImplTest( "testDeassignRoleWithRoleConstraint" ) ); |
| |
| /***********************************************************/ |
| /* 4. Security Checks */ |
| /***********************************************************/ |
| // DelAccessMgr ARABC: |
| suite.addTest( new DelegatedMgrImplTest( "testCheckAccess" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testCanAssignUser" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testCanDeassignUser" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testCanGrantPerm" ) ); |
| suite.addTest( new DelegatedMgrImplTest( "testCanRevokePerm" ) ); |
| |
| // AccessMgr RBAC: |
| suite.addTest( new AccessMgrImplTest( "testGetUserId" ) ); |
| suite.addTest( new AccessMgrImplTest( "testGetUser" ) ); |
| if ( Config.getInstance().isOpenldap() || Config.getInstance().isApacheds() ) |
| { |
| // These tests are reliant on OpenLDAP's pwpolicy overlay: |
| suite.addTest( new AdminMgrImplTest( "testResetPassword" ) ); |
| suite.addTest( new AccessMgrImplTest( "testAuthenticateReset" ) ); |
| suite.addTest( new AdminMgrImplTest( "testChangePassword" ) ); |
| suite.addTest( new AccessMgrImplTest( "testAuthenticate" ) ); |
| suite.addTest( new AdminMgrImplTest( "testLockUserAccount" ) ); |
| suite.addTest( new AccessMgrImplTest( "testAuthenticateLocked" ) ); |
| suite.addTest( new AdminMgrImplTest( "testUnlockUserAccount" ) ); |
| } |
| suite.addTest( new AccessMgrImplTest( "testCreateSession" ) ); |
| suite.addTest( new AccessMgrImplTest( "testCreateSessionTrusted" ) ); |
| suite.addTest( new AccessMgrImplTest( "testCreateSessionHier" ) ); |
| suite.addTest( new AccessMgrImplTest( "createSessionsDSD" ) ); |
| // hit it again to make sure the caching is working good: |
| suite.addTest( new AccessMgrImplTest( "createSessionsDSD" ) ); |
| suite.addTest( new AccessMgrImplTest( "testSessionRole" ) ); |
| suite.addTest( new AccessMgrImplTest( "testCheckAccess" ) ); |
| suite.addTest( new AccessMgrImplTest( "testAddActiveRole" ) ); |
| suite.addTest( new AccessMgrImplTest( "testDropActiveRole" ) ); |
| suite.addTest( new AccessMgrImplTest( "testSessionPermission" ) ); |
| suite.addTest( new AccessMgrImplTest( "testCreateSessionWithRole" ) ); |
| suite.addTest( new AccessMgrImplTest( "testCreateSessionWithRolesTrusted" ) ); |
| //suite.addTest( new ConfigMgrImplTest( "testAddAbacConfig" ) ); |
| suite.addTest( new AccessMgrImplTest( "testAbacConstraintsRole" ) ); |
| |
| // PwPolicyMgr PW Policy checks: |
| if ( Config.getInstance().isOpenldap() || Config.getInstance().isApacheds() ) |
| { |
| // These tests are reliant on OpenLDAP's pwpolicy overlay: |
| suite.addTest( new PswdPolicyMgrImplTest( "testMinAge" ) ); |
| suite.addTest( new PswdPolicyMgrImplTest( "testMaxAge" ) ); |
| suite.addTest( new PswdPolicyMgrImplTest( "testInHistory" ) ); |
| suite.addTest( new PswdPolicyMgrImplTest( "testMinLength" ) ); |
| suite.addTest( new PswdPolicyMgrImplTest( "testExpireWarning" ) ); |
| suite.addTest( new PswdPolicyMgrImplTest( "testGraceLoginLimit" ) ); |
| suite.addTest( new PswdPolicyMgrImplTest( "testMaxFailure" ) ); |
| suite.addTest( new PswdPolicyMgrImplTest( "testLockoutDuration" ) ); |
| suite.addTest( new PswdPolicyMgrImplTest( "testLockout" ) ); |
| suite.addTest( new PswdPolicyMgrImplTest( "testFailureCountInterval" ) ); |
| suite.addTest( new PswdPolicyMgrImplTest( "testMustChange" ) ); |
| suite.addTest( new PswdPolicyMgrImplTest( "testAllowUserChange" ) ); |
| suite.addTest( new PswdPolicyMgrImplTest( "testSafeModify" ) ); |
| } |
| |
| /***********************************************************/ |
| /* 5. Audit Checks */ |
| /***********************************************************/ |
| //suite.addTest(new AuditMgrImplTest("testSearchAuthNInvalid")); |
| if ( Config.getInstance().isOpenldap() && Config.getInstance().isAuditEnabled() ) |
| { |
| // These tests reliant on OpenLDAP's slapo access log overlay: |
| suite.addTest( new AuditMgrImplTest( "testSearchBinds" ) ); |
| suite.addTest( new AuditMgrImplTest( "testGetAuthZs" ) ); |
| suite.addTest( new AuditMgrImplTest( "testSearchAuthZs" ) ); |
| suite.addTest( new AuditMgrImplTest( "testSearchMods" ) ); |
| suite.addTest( new AuditMgrImplTest( "testSearchAdminMods" ) ); |
| } |
| |
| suite.addTest( new FortressJUnitTest( "testDisplayCounters" ) ); |
| return suite; |
| } |
| |
| /** |
| * Constructor for the FortressJUnitTest object |
| * |
| * @param name Description of the Parameter |
| */ |
| public FortressJUnitTest( String name ) |
| { |
| super( name ); |
| } |
| |
| public void testDisplayCounters() |
| { |
| LdapCounters counters = LdapDataProvider.getLdapCounters(); |
| System.out.println( "NUMBER OF ADDS: " + counters.getAdd() ); |
| System.out.println( "NUMBER OF BINDS: " + counters.getBind() ); |
| System.out.println( "NUMBER OF DELETES: " + counters.getDelete() ); |
| System.out.println( "NUMBER OF MODS: " + counters.getMod() ); |
| System.out.println( "NUMBER OF READS: " + counters.getRead() ); |
| System.out.println( "NUMBER OF SEARCHES: " + counters.getSearch() ); |
| //System.out.println( "NUMBER OF COMPARES: " + counters.getCompare() ); |
| } |
| |
| /** |
| * The JUnit setup method |
| * |
| * @throws Exception Description of the Exception |
| */ |
| public void setUp() throws Exception |
| { |
| super.setUp(); |
| } |
| |
| /** |
| * The teardown method for JUnit |
| * |
| * @throws Exception Description of the Exception |
| */ |
| public void tearDown() throws Exception |
| { |
| super.tearDown(); |
| } |
| } |