| /** |
| * Licensed to the Apache Software Foundation (ASF) under one or more |
| * contributor license agreements. See the NOTICE file distributed with |
| * this work for additional information regarding copyright ownership. |
| * The ASF licenses this file to You under the Apache License, Version 2.0 |
| * (the "License"); you may not use this file except in compliance with |
| * the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| package org.apache.felix.useradmin.impl; |
| |
| import java.util.ArrayList; |
| import java.util.Arrays; |
| import java.util.List; |
| |
| import junit.framework.TestCase; |
| |
| import org.apache.felix.useradmin.RoleFactory; |
| import org.osgi.service.useradmin.Group; |
| import org.osgi.service.useradmin.Role; |
| import org.osgi.service.useradmin.User; |
| |
| /** |
| * Test cases for {@link AuthorizationImpl}. |
| */ |
| public class AuthorizationImplTest extends TestCase { |
| |
| private RoleRepository m_roleRepository; |
| private Role m_anyone; |
| |
| /** |
| * {@inheritDoc} |
| */ |
| protected void setUp() throws Exception { |
| super.setUp(); |
| |
| m_roleRepository = new RoleRepository(new MemoryRoleRepositoryStore()); |
| |
| m_anyone = m_roleRepository.getRoleByName(Role.USER_ANYONE); |
| } |
| |
| /** |
| * Test for example presented in section 107.3.2 of OSGi compendium v4.2. |
| */ |
| public void testAuthorizationExampleOk() { |
| // Action groups... |
| Group alarmSystemControl = createGroup("AlarmSystemControl"); |
| Group internetAccess = createGroup("InternetAccess"); |
| Group temperatureControl = createGroup("TemperatureControl"); |
| Group photoAlbumEdit = createGroup("PhotoAlbumEdit"); |
| Group photoAlbumView = createGroup("PhotoAlbumView"); |
| Group portForwarding = createGroup("PortForwarding"); |
| |
| // System user groups... |
| Group administrators = createGroup("Administrators"); |
| Group buddies = createGroup("Buddies"); |
| Group children = createGroup("Children"); |
| Group adults = createGroup("Adults"); |
| Group residents = createGroup("Residents"); |
| |
| // Users |
| User elmer = RoleFactory.createUser("Elmer"); |
| User fudd = RoleFactory.createUser("Fudd"); |
| User marvin = RoleFactory.createUser("Marvin"); |
| User pepe = RoleFactory.createUser("Pepe"); |
| User daffy =RoleFactory.createUser("Daffy"); |
| User foghorn = RoleFactory.createUser("Foghorn"); |
| |
| // Not explicitly mentioned; but needed to comply with the semantics |
| alarmSystemControl.addRequiredMember(m_anyone); |
| internetAccess.addRequiredMember(m_anyone); |
| temperatureControl.addRequiredMember(m_anyone); |
| photoAlbumEdit.addRequiredMember(m_anyone); |
| photoAlbumView.addRequiredMember(m_anyone); |
| portForwarding.addRequiredMember(m_anyone); |
| |
| administrators.addRequiredMember(m_anyone); |
| buddies.addRequiredMember(m_anyone); |
| children.addRequiredMember(m_anyone); |
| adults.addRequiredMember(m_anyone); |
| residents.addRequiredMember(m_anyone); |
| |
| // Table 107.1 |
| residents.addMember(elmer); |
| residents.addMember(fudd); |
| residents.addMember(marvin); |
| residents.addMember(pepe); |
| |
| buddies.addMember(daffy); |
| buddies.addMember(foghorn); |
| |
| children.addMember(marvin); |
| children.addMember(pepe); |
| |
| adults.addMember(elmer); |
| adults.addMember(fudd); |
| |
| administrators.addMember(elmer); |
| |
| // Table 107.2 |
| alarmSystemControl.addMember(residents); |
| alarmSystemControl.addRequiredMember(administrators); |
| |
| internetAccess.addMember(residents); |
| internetAccess.addRequiredMember(adults); |
| |
| temperatureControl.addMember(residents); |
| temperatureControl.addRequiredMember(adults); |
| |
| photoAlbumEdit.addMember(residents); |
| photoAlbumEdit.addMember(children); |
| photoAlbumEdit.addMember(adults); |
| |
| photoAlbumView.addMember(residents); |
| photoAlbumView.addMember(buddies); |
| |
| portForwarding.addMember(residents); |
| portForwarding.addRequiredMember(administrators); |
| |
| // Test with the user "foghorn"... |
| AuthorizationImpl auth = new AuthorizationImpl(foghorn, m_roleRepository); |
| |
| assertFalse(auth.hasRole(alarmSystemControl.getName())); |
| assertFalse(auth.hasRole(internetAccess.getName())); |
| assertFalse(auth.hasRole(temperatureControl.getName())); |
| assertFalse(auth.hasRole(photoAlbumEdit.getName())); |
| assertTrue(auth.hasRole(photoAlbumView.getName())); |
| assertFalse(auth.hasRole(portForwarding.getName())); |
| |
| // Test with the user "fudd"... |
| auth = new AuthorizationImpl(fudd, m_roleRepository); |
| |
| assertFalse(auth.hasRole(alarmSystemControl.getName())); |
| assertTrue(auth.hasRole(internetAccess.getName())); |
| assertTrue(auth.hasRole(temperatureControl.getName())); |
| assertTrue(auth.hasRole(photoAlbumEdit.getName())); |
| assertTrue(auth.hasRole(photoAlbumView.getName())); |
| assertFalse(auth.hasRole(portForwarding.getName())); |
| |
| // Test with the user "elmer"... |
| auth = new AuthorizationImpl(elmer, m_roleRepository); |
| |
| assertTrue(auth.hasRole(alarmSystemControl.getName())); |
| assertTrue(auth.hasRole(internetAccess.getName())); |
| assertTrue(auth.hasRole(temperatureControl.getName())); |
| assertTrue(auth.hasRole(photoAlbumEdit.getName())); |
| assertTrue(auth.hasRole(photoAlbumView.getName())); |
| assertTrue(auth.hasRole(portForwarding.getName())); |
| } |
| |
| /** |
| * Test that the tests for membership work correctly. |
| */ |
| public void testHasRoleOk() { |
| Group citizens = createGroup("citizen"); |
| citizens.addRequiredMember(m_anyone); |
| |
| Group adults = createGroup("adult"); |
| adults.addRequiredMember(m_anyone); |
| |
| Group voters = createGroup("voter"); |
| voters.addRequiredMember(citizens); |
| voters.addRequiredMember(adults); |
| voters.addMember(m_anyone); |
| |
| // Elmer belongs to the citizens and adults... |
| User elmer = createUser("elmer"); |
| citizens.addMember(elmer); |
| adults.addMember(elmer); |
| |
| // Pepe belongs to the citizens, but is not an adult... |
| User pepe = createUser("pepe"); |
| citizens.addMember(pepe); |
| |
| // Bugs is an adult, but is not a citizen... |
| User bugs = createUser("bugs"); |
| adults.addMember(bugs); |
| |
| // Daffy is not an adult, neither a citizen... |
| User daffy = createUser("daffy"); |
| |
| AuthorizationImpl auth; |
| |
| auth = new AuthorizationImpl(elmer, m_roleRepository); |
| assertTrue(auth.hasRole("adult")); |
| assertTrue(auth.hasRole("citizen")); |
| assertTrue(auth.hasRole("voter")); |
| assertFalse(auth.hasRole("non-existing-role")); |
| |
| auth = new AuthorizationImpl(pepe, m_roleRepository); |
| assertFalse(auth.hasRole("adult")); |
| assertTrue(auth.hasRole("citizen")); |
| assertFalse(auth.hasRole("voter")); |
| assertFalse(auth.hasRole("non-existing-role")); |
| |
| auth = new AuthorizationImpl(bugs, m_roleRepository); |
| assertTrue(auth.hasRole("adult")); |
| assertFalse(auth.hasRole("citizen")); |
| assertFalse(auth.hasRole("voter")); |
| assertFalse(auth.hasRole("non-existing-role")); |
| |
| auth = new AuthorizationImpl(daffy, m_roleRepository); |
| assertFalse(auth.hasRole("adult")); |
| assertFalse(auth.hasRole("citizen")); |
| assertFalse(auth.hasRole("voter")); |
| assertFalse(auth.hasRole("non-existing-role")); |
| } |
| |
| /** |
| * Test that the tests for membership work correctly. |
| */ |
| public void testGetRolesOk() { |
| Group citizens = createGroup("citizen"); |
| citizens.addRequiredMember(m_anyone); |
| |
| Group adults = createGroup("adult"); |
| adults.addRequiredMember(m_anyone); |
| |
| Group voters = createGroup("voter"); |
| voters.addRequiredMember(citizens); |
| voters.addRequiredMember(adults); |
| voters.addMember(m_anyone); |
| |
| // Elmer belongs to the citizens and adults... |
| User elmer = createUser("elmer"); |
| citizens.addMember(elmer); |
| adults.addMember(elmer); |
| |
| // Pepe belongs to the citizens, but is not an adult... |
| User pepe = createUser("pepe"); |
| citizens.addMember(pepe); |
| |
| // Bugs is an adult, but is not a citizen... |
| User bugs = createUser("bugs"); |
| adults.addMember(bugs); |
| |
| // Daffy is not an adult, neither a citizen... |
| User daffy = createUser("daffy"); |
| |
| // Donald is not an adult, neither a citizen... |
| User donald = RoleFactory.createUser("donald"); |
| |
| AuthorizationImpl auth; |
| |
| auth = new AuthorizationImpl(elmer, m_roleRepository); |
| assertSameRoles(new String[]{ "elmer", "adult", "citizen", "voter" }, auth.getRoles()); |
| |
| auth = new AuthorizationImpl(pepe, m_roleRepository); |
| assertSameRoles(new String[]{ "pepe", "citizen" }, auth.getRoles()); |
| |
| auth = new AuthorizationImpl(bugs, m_roleRepository); |
| assertSameRoles(new String[]{ "bugs", "adult" }, auth.getRoles()); |
| |
| auth = new AuthorizationImpl(daffy, m_roleRepository); |
| assertSameRoles(new String[]{ "daffy" }, auth.getRoles()); |
| |
| auth = new AuthorizationImpl(donald, m_roleRepository); |
| assertNull(auth.getRoles()); |
| } |
| |
| private void assertSameRoles(String[] expected, String[] roles) { |
| assertTrue("Expected " + expected.length + " roles, got " + roles.length + "!", expected.length == roles.length); |
| |
| List e = new ArrayList(Arrays.asList(expected)); |
| List r = new ArrayList(Arrays.asList(roles)); |
| e.removeAll(r); |
| |
| assertTrue("Not seen: " + e, e.isEmpty()); |
| } |
| |
| private Group createGroup(String name) { |
| return (Group) m_roleRepository.addRole(name, Role.GROUP); |
| } |
| |
| private User createUser(String name) { |
| return (User) m_roleRepository.addRole(name, Role.USER); |
| } |
| } |