| /* |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, |
| * software distributed under the License is distributed on an |
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| * KIND, either express or implied. See the License for the |
| * specific language governing permissions and limitations |
| * under the License. |
| */ |
| |
| // |
| // This source code implements specifications defined by the Java |
| // Community Process. In order to remain compliant with the specification |
| // DO NOT add / change / or delete method signatures! |
| // |
| |
| package javax.security.jacc; |
| |
| import java.io.ByteArrayInputStream; |
| import java.io.ByteArrayOutputStream; |
| import java.io.IOException; |
| import java.io.ObjectInputStream; |
| import java.io.ObjectOutputStream; |
| import java.security.Permission; |
| |
| import junit.framework.TestCase; |
| |
| /** |
| * @version $Rev$ $Date$ |
| */ |
| public class WebUserDataPermissionTest extends TestCase { |
| |
| /* |
| * Testing WebResourcePermission(java.lang.String, java.lang.String) |
| */ |
| public void testConstructorStringString() { |
| |
| MockHttpServletRequest request = new MockHttpServletRequest("/portal", "/services/services_jdbc/_rp_services_jdbc_row1_col1_p1_adapterDisplayName/1_TranQL0x8Generic0x8JDBC0x8Resource0x8Adapter/_rp_services_jdbc_row1_col1_p1_rarPath/1_tranql0x3tranql-connector0x310x220x3rar/_rp_services_jdbc_row1_col1_p1_mode/1_params/_rp_services_jdbc_row1_col1_p1_driverClass/1_org0x2hsqldb0x2jdbcDriver/_pm_services_jdbc_row1_col1_p1/view/_rp_services_jdbc_row1_col1_p1_dbtype/1_HSQLDB0x8embedded/_rp_services_jdbc_row1_col1_p1_urlPrototype/1_jdbc:hsqldb:{Database}/_st_services_jdbc_row1_col1_p1/normal/_ps_services_jdbc_row1_col1_p1/normal/_pid/services_jdbc_row1_col1_p1/_md_services_jdbc_row1_col1_p1/view/_rp_services_jdbc_row1_col1_p1_name/1_FFFFF"); |
| new WebUserDataPermission(URLPatternSpec.encodeColons(request), "GET:NONE"); |
| |
| WebUserDataPermission permission = new WebUserDataPermission("/foo", "GET,POST:INTEGRAL"); |
| |
| assertEquals(permission.getName(), "/foo"); |
| assertEquals(permission.getActions(), "GET,POST:INTEGRAL"); |
| |
| permission = new WebUserDataPermission("/foo", "GET,POST,POST,GET:INTEGRAL"); |
| assertEquals(permission.getActions(), "GET,POST:INTEGRAL"); |
| |
| //extension method |
| permission = new WebUserDataPermission("/foo", "GET,POST,BAR:INTEGRAL"); |
| |
| // bad HTTP method |
| try { |
| permission = new WebUserDataPermission("/foo", "GET,POST,B A R:INTEGRAL"); |
| fail("Bad HTTP method"); |
| } catch (IllegalArgumentException iae) { |
| } |
| |
| // If you have a colon, then you must have a transportType |
| try { |
| permission = new WebUserDataPermission("/foo", "GET,POST,BAR:"); |
| fail("Missing transportType"); |
| } catch (IllegalArgumentException iae) { |
| } |
| } |
| |
| public void testSerialization() throws Exception { |
| testSerialization(new WebUserDataPermission("/foo", "GET,POST:INTEGRAL")); |
| testSerialization(new WebUserDataPermission("/foo", "GET,POST:NONE")); |
| testSerialization(new WebUserDataPermission("/foo", "")); |
| testSerialization(new WebUserDataPermission("/foo", ":NONE")); |
| testSerialization(new WebUserDataPermission("/foo", "GET,POST")); |
| testSerialization(new WebUserDataPermission("/foo", "!:CONFIDENTIAL")); |
| } |
| |
| private void testSerialization(WebUserDataPermission permission) throws IOException, ClassNotFoundException { |
| ByteArrayOutputStream baos = new ByteArrayOutputStream(); |
| ObjectOutputStream oos = new ObjectOutputStream(baos); |
| oos.writeObject(permission); |
| ByteArrayInputStream bais = new ByteArrayInputStream(baos.toByteArray()); |
| ObjectInputStream ois = new ObjectInputStream(bais); |
| Object o = ois.readObject(); |
| assertEquals(permission, o); |
| } |
| |
| public void testImpliesStringString() { |
| // An actions string without a transportType is a shorthand for a |
| // actions string with the value "NONE" as its TransportType |
| WebUserDataPermission permissionFooGP = new WebUserDataPermission("/foo", "GET,POST:INTEGRAL"); |
| WebUserDataPermission permissionFooE = new WebUserDataPermission("/foo", ""); |
| WebUserDataPermission permissionFooGPN = new WebUserDataPermission("/foo", "GET,POST"); |
| |
| assertTrue(permissionFooE.implies(permissionFooGP)); |
| assertTrue(permissionFooE.implies(permissionFooGPN)); |
| assertFalse(permissionFooGP.implies(permissionFooE)); |
| assertFalse(permissionFooGPN.implies(permissionFooE)); |
| |
| assertTrue(permissionFooGPN.implies(permissionFooGP)); |
| assertFalse(permissionFooGP.implies(permissionFooGPN)); |
| } |
| |
| /* |
| * Testing WebResourcePermission(String, String[]) |
| */ |
| public void testConstructorStringStringArray() { |
| } |
| |
| public void testImpliesStringStringArray() { |
| } |
| |
| /* |
| * Testing WebResourcePermission(HttpServletRequest) |
| */ |
| public void testConstructorHttpServletRequest() { |
| Permission p = new WebUserDataPermission(new MockHttpServletRequest("/foo", "", "GET")); |
| checkPermission(p, "/foo", "GET"); |
| p = new WebUserDataPermission(new MockHttpServletRequest("", "/foo", "GET")); |
| checkPermission(p, "/foo", "GET"); |
| p = new WebUserDataPermission(new MockHttpServletRequest("/foo", "/foo", "BAR")); |
| checkPermission(p, "/foo/foo", "BAR"); |
| p = new WebUserDataPermission(new MockHttpServletRequest("/foo", "/foo:bar", "BAR")); |
| checkPermission(p, "/foo/foo%3Abar", "BAR"); |
| p = new WebUserDataPermission(new MockHttpServletRequest("/foo", "/foo%3Abar", "BAR")); |
| checkPermission(p, "/foo/foo%3Abar", "BAR"); |
| } |
| |
| private void checkPermission(Permission p, String name, String actions) { |
| assertEquals(p.getName(), name); |
| assertEquals(p.getActions(), actions); |
| } |
| |
| public void testImpliesHttpServletRequest() { |
| } |
| } |
| |