geronimo-jacc_1.1_spec/src/test/java/javax/security/jacc/WebUserDataPermissionTest.java - geronimo-specs - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *  http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */

 //
 // This source code implements specifications defined by the Java
 // Community Process. In order to remain compliant with the specification
 // DO NOT add / change / or delete method signatures!
 //

 package javax.security.jacc;

 import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.ObjectInputStream;
 import java.io.ObjectOutputStream;
 import java.security.Permission;

 import junit.framework.TestCase;

 /**
  * @version $Rev$ $Date$
  */
 public class WebUserDataPermissionTest extends TestCase {

     /*
      * Testing WebResourcePermission(java.lang.String, java.lang.String)
      */
     public void testConstructorStringString() {

         MockHttpServletRequest request = new MockHttpServletRequest("/portal", "/services/services_jdbc/_rp_services_jdbc_row1_col1_p1_adapterDisplayName/1_TranQL0x8Generic0x8JDBC0x8Resource0x8Adapter/_rp_services_jdbc_row1_col1_p1_rarPath/1_tranql0x3tranql-connector0x310x220x3rar/_rp_services_jdbc_row1_col1_p1_mode/1_params/_rp_services_jdbc_row1_col1_p1_driverClass/1_org0x2hsqldb0x2jdbcDriver/_pm_services_jdbc_row1_col1_p1/view/_rp_services_jdbc_row1_col1_p1_dbtype/1_HSQLDB0x8embedded/_rp_services_jdbc_row1_col1_p1_urlPrototype/1_jdbc:hsqldb:{Database}/_st_services_jdbc_row1_col1_p1/normal/_ps_services_jdbc_row1_col1_p1/normal/_pid/services_jdbc_row1_col1_p1/_md_services_jdbc_row1_col1_p1/view/_rp_services_jdbc_row1_col1_p1_name/1_FFFFF");
         new WebUserDataPermission(URLPatternSpec.encodeColons(request), "GET:NONE");

         WebUserDataPermission permission = new WebUserDataPermission("/foo", "GET,POST:INTEGRAL");

         assertEquals(permission.getName(), "/foo");
         assertEquals(permission.getActions(), "GET,POST:INTEGRAL");

         permission = new WebUserDataPermission("/foo", "GET,POST,POST,GET:INTEGRAL");
         assertEquals(permission.getActions(), "GET,POST:INTEGRAL");

         //extension method
         permission = new WebUserDataPermission("/foo", "GET,POST,BAR:INTEGRAL");

         // bad HTTP method
         try {
             permission = new WebUserDataPermission("/foo", "GET,POST,B A R:INTEGRAL");
             fail("Bad HTTP method");
         } catch (IllegalArgumentException iae) {
         }

         // If you have a colon, then you must have a transportType
         try {
             permission = new WebUserDataPermission("/foo", "GET,POST,BAR:");
             fail("Missing transportType");
         } catch (IllegalArgumentException iae) {
         }
     }

     public void testSerialization() throws Exception {
         testSerialization(new WebUserDataPermission("/foo", "GET,POST:INTEGRAL"));
         testSerialization(new WebUserDataPermission("/foo", "GET,POST:NONE"));
         testSerialization(new WebUserDataPermission("/foo", ""));
         testSerialization(new WebUserDataPermission("/foo", ":NONE"));
         testSerialization(new WebUserDataPermission("/foo", "GET,POST"));
         testSerialization(new WebUserDataPermission("/foo", "!:CONFIDENTIAL"));
     }

     private void testSerialization(WebUserDataPermission permission) throws IOException, ClassNotFoundException {
         ByteArrayOutputStream baos = new ByteArrayOutputStream();
         ObjectOutputStream oos = new ObjectOutputStream(baos);
         oos.writeObject(permission);
         ByteArrayInputStream bais = new ByteArrayInputStream(baos.toByteArray());
         ObjectInputStream ois = new ObjectInputStream(bais);
         Object o = ois.readObject();
         assertEquals(permission, o);
     }

     public void testImpliesStringString() {
         // An actions string without a transportType is a shorthand for a
         // actions string with the value "NONE" as its TransportType
         WebUserDataPermission permissionFooGP = new WebUserDataPermission("/foo", "GET,POST:INTEGRAL");
         WebUserDataPermission permissionFooE = new WebUserDataPermission("/foo", "");
         WebUserDataPermission permissionFooGPN = new WebUserDataPermission("/foo", "GET,POST");

         assertTrue(permissionFooE.implies(permissionFooGP));
         assertTrue(permissionFooE.implies(permissionFooGPN));
         assertFalse(permissionFooGP.implies(permissionFooE));
         assertFalse(permissionFooGPN.implies(permissionFooE));

         assertTrue(permissionFooGPN.implies(permissionFooGP));
         assertFalse(permissionFooGP.implies(permissionFooGPN));
     }

     /*
      * Testing WebResourcePermission(String, String[])
      */
     public void testConstructorStringStringArray() {
     }

     public void testImpliesStringStringArray() {
     }

     /*
      * Testing WebResourcePermission(HttpServletRequest)
      */
     public void testConstructorHttpServletRequest() {
         Permission p = new WebUserDataPermission(new MockHttpServletRequest("/foo", "", "GET"));
         checkPermission(p, "/foo", "GET");
         p = new WebUserDataPermission(new MockHttpServletRequest("", "/foo", "GET"));
         checkPermission(p, "/foo", "GET");
         p = new WebUserDataPermission(new MockHttpServletRequest("/foo", "/foo", "BAR"));
         checkPermission(p, "/foo/foo", "BAR");
         p = new WebUserDataPermission(new MockHttpServletRequest("/foo", "/foo:bar", "BAR"));
         checkPermission(p, "/foo/foo%3Abar", "BAR");
         p = new WebUserDataPermission(new MockHttpServletRequest("/foo", "/foo%3Abar", "BAR"));
         checkPermission(p, "/foo/foo%3Abar", "BAR");
     }

     private void checkPermission(Permission p, String name, String actions) {
         assertEquals(p.getName(), name);
         assertEquals(p.getActions(), actions);
     }

     public void testImpliesHttpServletRequest() {
     }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*/

	//
	// This source code implements specifications defined by the Java
	// Community Process. In order to remain compliant with the specification
	// DO NOT add / change / or delete method signatures!
	//

	package javax.security.jacc;

	import java.io.ByteArrayInputStream;
	import java.io.ByteArrayOutputStream;
	import java.io.IOException;
	import java.io.ObjectInputStream;
	import java.io.ObjectOutputStream;
	import java.security.Permission;

	import junit.framework.TestCase;

	/**
	* @version $Rev$ $Date$
	*/
	public class WebUserDataPermissionTest extends TestCase {

	/*
	* Testing WebResourcePermission(java.lang.String, java.lang.String)
	*/
	public void testConstructorStringString() {

	MockHttpServletRequest request = new MockHttpServletRequest("/portal", "/services/services_jdbc/_rp_services_jdbc_row1_col1_p1_adapterDisplayName/1_TranQL0x8Generic0x8JDBC0x8Resource0x8Adapter/_rp_services_jdbc_row1_col1_p1_rarPath/1_tranql0x3tranql-connector0x310x220x3rar/_rp_services_jdbc_row1_col1_p1_mode/1_params/_rp_services_jdbc_row1_col1_p1_driverClass/1_org0x2hsqldb0x2jdbcDriver/_pm_services_jdbc_row1_col1_p1/view/_rp_services_jdbc_row1_col1_p1_dbtype/1_HSQLDB0x8embedded/_rp_services_jdbc_row1_col1_p1_urlPrototype/1_jdbc:hsqldb:{Database}/_st_services_jdbc_row1_col1_p1/normal/_ps_services_jdbc_row1_col1_p1/normal/_pid/services_jdbc_row1_col1_p1/_md_services_jdbc_row1_col1_p1/view/_rp_services_jdbc_row1_col1_p1_name/1_FFFFF");
	new WebUserDataPermission(URLPatternSpec.encodeColons(request), "GET:NONE");

	WebUserDataPermission permission = new WebUserDataPermission("/foo", "GET,POST:INTEGRAL");

	assertEquals(permission.getName(), "/foo");
	assertEquals(permission.getActions(), "GET,POST:INTEGRAL");

	permission = new WebUserDataPermission("/foo", "GET,POST,POST,GET:INTEGRAL");
	assertEquals(permission.getActions(), "GET,POST:INTEGRAL");

	//extension method
	permission = new WebUserDataPermission("/foo", "GET,POST,BAR:INTEGRAL");

	// bad HTTP method
	try {
	permission = new WebUserDataPermission("/foo", "GET,POST,B A R:INTEGRAL");
	fail("Bad HTTP method");
	} catch (IllegalArgumentException iae) {
	}

	// If you have a colon, then you must have a transportType
	try {
	permission = new WebUserDataPermission("/foo", "GET,POST,BAR:");
	fail("Missing transportType");
	} catch (IllegalArgumentException iae) {
	}
	}

	public void testSerialization() throws Exception {
	testSerialization(new WebUserDataPermission("/foo", "GET,POST:INTEGRAL"));
	testSerialization(new WebUserDataPermission("/foo", "GET,POST:NONE"));
	testSerialization(new WebUserDataPermission("/foo", ""));
	testSerialization(new WebUserDataPermission("/foo", ":NONE"));
	testSerialization(new WebUserDataPermission("/foo", "GET,POST"));
	testSerialization(new WebUserDataPermission("/foo", "!:CONFIDENTIAL"));
	}

	private void testSerialization(WebUserDataPermission permission) throws IOException, ClassNotFoundException {
	ByteArrayOutputStream baos = new ByteArrayOutputStream();
	ObjectOutputStream oos = new ObjectOutputStream(baos);
	oos.writeObject(permission);
	ByteArrayInputStream bais = new ByteArrayInputStream(baos.toByteArray());
	ObjectInputStream ois = new ObjectInputStream(bais);
	Object o = ois.readObject();
	assertEquals(permission, o);
	}

	public void testImpliesStringString() {
	// An actions string without a transportType is a shorthand for a
	// actions string with the value "NONE" as its TransportType
	WebUserDataPermission permissionFooGP = new WebUserDataPermission("/foo", "GET,POST:INTEGRAL");
	WebUserDataPermission permissionFooE = new WebUserDataPermission("/foo", "");
	WebUserDataPermission permissionFooGPN = new WebUserDataPermission("/foo", "GET,POST");

	assertTrue(permissionFooE.implies(permissionFooGP));
	assertTrue(permissionFooE.implies(permissionFooGPN));
	assertFalse(permissionFooGP.implies(permissionFooE));
	assertFalse(permissionFooGPN.implies(permissionFooE));

	assertTrue(permissionFooGPN.implies(permissionFooGP));
	assertFalse(permissionFooGP.implies(permissionFooGPN));
	}

	/*
	* Testing WebResourcePermission(String, String[])
	*/
	public void testConstructorStringStringArray() {
	}

	public void testImpliesStringStringArray() {
	}

	/*
	* Testing WebResourcePermission(HttpServletRequest)
	*/
	public void testConstructorHttpServletRequest() {
	Permission p = new WebUserDataPermission(new MockHttpServletRequest("/foo", "", "GET"));
	checkPermission(p, "/foo", "GET");
	p = new WebUserDataPermission(new MockHttpServletRequest("", "/foo", "GET"));
	checkPermission(p, "/foo", "GET");
	p = new WebUserDataPermission(new MockHttpServletRequest("/foo", "/foo", "BAR"));
	checkPermission(p, "/foo/foo", "BAR");
	p = new WebUserDataPermission(new MockHttpServletRequest("/foo", "/foo:bar", "BAR"));
	checkPermission(p, "/foo/foo%3Abar", "BAR");
	p = new WebUserDataPermission(new MockHttpServletRequest("/foo", "/foo%3Abar", "BAR"));
	checkPermission(p, "/foo/foo%3Abar", "BAR");
	}

	private void checkPermission(Permission p, String name, String actions) {
	assertEquals(p.getName(), name);
	assertEquals(p.getActions(), actions);
	}

	public void testImpliesHttpServletRequest() {
	}
	}