rave-components/rave-core/src/test/java/org/apache/rave/portal/security/impl/DefaultRegionWidgetPermissionEvaluatorTest.java - rave - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *   http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */
 package org.apache.rave.portal.security.impl;

 import org.apache.rave.portal.model.Page;
 import org.apache.rave.portal.model.Region;
 import org.apache.rave.portal.model.RegionWidget;
 import org.apache.rave.portal.model.User;
 import org.apache.rave.portal.repository.RegionWidgetRepository;
 import org.apache.rave.portal.security.ModelPermissionEvaluator.Permission;
 import org.apache.rave.portal.security.util.AuthenticationUtils;
 import org.easymock.EasyMock;
 import org.junit.Before;
 import org.junit.Test;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;

 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.List;

 import static org.easymock.EasyMock.*;
 import static org.hamcrest.CoreMatchers.is;
 import static org.junit.Assert.assertThat;

 public class DefaultRegionWidgetPermissionEvaluatorTest {
     private DefaultRegionWidgetPermissionEvaluator defaultRegionWidgetPermissionEvaluator;
     private RegionWidgetRepository mockRegionWidgetRepository;
     private Authentication mockAuthentication;
     private Page page;
     private RegionWidget regionWidget;
     private Region region;
     private User user, user2;
     private List<GrantedAuthority> grantedAuthoritiesList;

     private final Long VALID_REGION_ID = 1L;
     private final Long VALID_REGION_WIDGET_ID = 1L;
     private final Long VALID_PAGE_ID = 3L;
     private final Long VALID_USER_ID = 99L;
     private final String VALID_USERNAME = "john.doe";
     private final String VALID_USERNAME2 = "jane.doe";

     @Before
     public void setUp() {
         mockRegionWidgetRepository = createMock(RegionWidgetRepository.class);
         defaultRegionWidgetPermissionEvaluator = new DefaultRegionWidgetPermissionEvaluator(mockRegionWidgetRepository);
         mockAuthentication = createMock(Authentication.class);

         user = new User();
         user.setUsername(VALID_USERNAME);
         user.setEntityId(VALID_USER_ID);
         user2 = new User();
         user2.setUsername(VALID_USERNAME2);
         page = new Page();
         page.setEntityId(VALID_PAGE_ID);
         page.setOwner(user);
         region = new Region();
         region.setEntityId(VALID_REGION_ID);
         region.setPage(page);
         regionWidget = new RegionWidget();
         regionWidget.setEntityId(VALID_REGION_WIDGET_ID);
         regionWidget.setRegion(region);
         grantedAuthoritiesList = new ArrayList<GrantedAuthority>();
         grantedAuthoritiesList.add(new SimpleGrantedAuthority("ROLE_USER"));
     }

     @Test
     public void testGetType() throws ClassNotFoundException {
         assertThat(defaultRegionWidgetPermissionEvaluator.getType().getName(), is(RegionWidget.class.getName()));
     }

     @Test
     public void testHasPermission_3args_administer() {
         EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
         replay(mockAuthentication);
         assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, regionWidget, Permission.ADMINISTER), is(false));
         verify(mockAuthentication);
     }

     @Test
     public void testHasPermission_3args_administer_hasAdminRole() {
         grantedAuthoritiesList.add(new SimpleGrantedAuthority(AuthenticationUtils.ROLE_ADMIN));
         EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
         replay(mockAuthentication);
         assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, regionWidget, Permission.ADMINISTER), is(true));
         verify(mockAuthentication);
     }

     @Test
     public void testHasPermission_3args_create_isRegionWidgetOwner() {
         EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
         expect(mockAuthentication.getPrincipal()).andReturn(user);
         expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
         replay(mockAuthentication);
         replay(mockRegionWidgetRepository);
         assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, regionWidget, Permission.CREATE), is(true));
         verify(mockAuthentication);
         verify(mockRegionWidgetRepository);
     }

     @Test
     public void testHasPermission_3args_create_isNotRegionWidgetOwner() {
         EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
         expect(mockAuthentication.getPrincipal()).andReturn(user2);
         expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
         replay(mockAuthentication);
         replay(mockRegionWidgetRepository);
         assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, regionWidget, Permission.CREATE), is(false));
         verify(mockAuthentication);
         verify(mockRegionWidgetRepository);
     }

     @Test
     public void testHasPermission_3args_delete_isRegionWidgetOwner() {
         EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
         expect(mockAuthentication.getPrincipal()).andReturn(user);
         expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
         replay(mockAuthentication);
         replay(mockRegionWidgetRepository);
         assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, regionWidget, Permission.DELETE), is(true));
         verify(mockAuthentication);
         verify(mockRegionWidgetRepository);
     }

     @Test
     public void testHasPermission_3args_delete_isNotRegionWidgetOwner() {
         EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
         expect(mockAuthentication.getPrincipal()).andReturn(user2);
         expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
         replay(mockAuthentication);
         replay(mockRegionWidgetRepository);
         assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, regionWidget, Permission.DELETE), is(false));
         verify(mockAuthentication);
         verify(mockRegionWidgetRepository);
     }

     @Test
     public void testHasPermission_3args_update_isRegionWidgetOwner() {
         EasyMock.<Collection<? extends GrantedAuthority>> expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
         expect(mockAuthentication.getPrincipal()).andReturn(user);
         expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
         replay(mockAuthentication);
         replay(mockRegionWidgetRepository);
         assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, regionWidget, Permission.UPDATE), is(true));
         verify(mockAuthentication);
         verify(mockRegionWidgetRepository);
     }

     @Test
     public void testHasPermission_3args_update_isNotRegionWidgetOwner() {
         EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
         expect(mockAuthentication.getPrincipal()).andReturn(user2);
         expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
         replay(mockAuthentication);
         replay(mockRegionWidgetRepository);
         assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, regionWidget, Permission.UPDATE), is(false));
         verify(mockAuthentication);
         verify(mockRegionWidgetRepository);
     }

     @Test
     public void testHasPermission_3args_read_isRegionWidgetOwner() {
         EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
         expect(mockAuthentication.getPrincipal()).andReturn(user);
         expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
         replay(mockAuthentication);
         replay(mockRegionWidgetRepository);
         assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, regionWidget, Permission.READ), is(true));
         verify(mockAuthentication);
         verify(mockRegionWidgetRepository);
     }

     @Test
     public void testHasPermission_3args_read_isNotRegionWidgetOwner() {
         EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
         expect(mockAuthentication.getPrincipal()).andReturn(user2);
         expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
         replay(mockAuthentication);
         replay(mockRegionWidgetRepository);
         assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, regionWidget, Permission.READ), is(false));
         verify(mockAuthentication);
         verify(mockRegionWidgetRepository);
     }

     @Test
     public void testHasPermission_4args_administer() {
         EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
         replay(mockAuthentication);
         assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, VALID_REGION_WIDGET_ID, RegionWidget.class.getName(), Permission.ADMINISTER), is(false));
         verify(mockAuthentication);
     }

     @Test
     public void testHasPermission_4args_create_isRegionWidgetOwner() {
         EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
         expect(mockAuthentication.getPrincipal()).andReturn(user);
         expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
         replay(mockAuthentication);
         replay(mockRegionWidgetRepository);
         assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, VALID_REGION_WIDGET_ID, RegionWidget.class.getName(), Permission.CREATE), is(true));
         verify(mockAuthentication);
         verify(mockRegionWidgetRepository);
     }

     @Test
     public void testHasPermission_4args_create_isNotRegionWidgetOwner() {
         EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
         expect(mockAuthentication.getPrincipal()).andReturn(user2);
         expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
         replay(mockAuthentication);
         replay(mockRegionWidgetRepository);
         assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, VALID_REGION_WIDGET_ID, RegionWidget.class.getName(), Permission.CREATE), is(false));
         verify(mockAuthentication);
         verify(mockRegionWidgetRepository);
     }

     @Test
     public void testHasPermission_4args_delete_isRegionWidgetOwner() {
         EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
         expect(mockAuthentication.getPrincipal()).andReturn(user);
         expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
         replay(mockAuthentication);
         replay(mockRegionWidgetRepository);
         assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, VALID_REGION_WIDGET_ID, RegionWidget.class.getName(), Permission.CREATE), is(true));
         verify(mockAuthentication);
         verify(mockRegionWidgetRepository);
     }

     @Test
     public void testHasPermission_4args_delete_isNotRegionWidgetOwner() {
         EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
         expect(mockAuthentication.getPrincipal()).andReturn(user2);
         expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
         replay(mockAuthentication);
         replay(mockRegionWidgetRepository);
         assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, VALID_REGION_WIDGET_ID, RegionWidget.class.getName(), Permission.CREATE), is(false));
         verify(mockAuthentication);
         verify(mockRegionWidgetRepository);
     }

     @Test
     public void testHasPermission_4args_read_isRegionWidgetOwner() {
         EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
         expect(mockAuthentication.getPrincipal()).andReturn(user);
         expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
         replay(mockAuthentication);
         replay(mockRegionWidgetRepository);
         assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, VALID_REGION_WIDGET_ID, RegionWidget.class.getName(), Permission.CREATE), is(true));
         verify(mockAuthentication);
         verify(mockRegionWidgetRepository);
     }

     @Test
     public void testHasPermission_4args_read_isNotRegionWidgetOwner() {
         EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
         expect(mockAuthentication.getPrincipal()).andReturn(user2);
         expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
         replay(mockAuthentication);
         replay(mockRegionWidgetRepository);
         assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, VALID_REGION_WIDGET_ID, RegionWidget.class.getName(), Permission.CREATE), is(false));
         verify(mockAuthentication);
         verify(mockRegionWidgetRepository);
     }

     @Test
     public void testHasPermission_4args_update_isRegionWidgetOwner() {
         EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
         expect(mockAuthentication.getPrincipal()).andReturn(user);
         expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
         replay(mockAuthentication);
         replay(mockRegionWidgetRepository);
         assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, VALID_REGION_WIDGET_ID, RegionWidget.class.getName(), Permission.CREATE), is(true));
         verify(mockAuthentication);
         verify(mockRegionWidgetRepository);
     }

     @Test
     public void testHasPermission_4args_update_isNotRegionWidgetOwner() {
         EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
         expect(mockAuthentication.getPrincipal()).andReturn(user2);
         expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
         replay(mockAuthentication);
         replay(mockRegionWidgetRepository);
         assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, VALID_REGION_WIDGET_ID, RegionWidget.class.getName(), Permission.CREATE), is(false));
         verify(mockAuthentication);
         verify(mockRegionWidgetRepository);
     }

     @Test
     public void testHasPermission_4args_update_isRegionWidgetOwner_withRaveSecurityContextObject() {
         RaveSecurityContext raveSecurityContext = new RaveSecurityContext(VALID_USER_ID, "org.apache.rave.portal.model.User");

         expect(mockAuthentication.getPrincipal()).andReturn(user);
         replay(mockAuthentication);
         assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, raveSecurityContext, RegionWidget.class.getName(), Permission.UPDATE), is(true));
         verify(mockAuthentication);
     }

     @Test(expected=IllegalArgumentException.class)
     public void testHasPermission_4args_update_isRegionWidgetOwner_withInvalidRaveSecurityContextType() {
         RaveSecurityContext raveSecurityContext = new RaveSecurityContext(VALID_USER_ID, "java.lang.String");

         expect(mockAuthentication.getPrincipal()).andReturn(user);
         replay(mockAuthentication);
         defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, raveSecurityContext, RegionWidget.class.getName(), Permission.UPDATE);
         verify(mockAuthentication);
     }

     @Test(expected=IllegalArgumentException.class)
     public void testHasPermission_4args_update_isRegionWidgetOwner_withUnknownRaveSecurityContextType() {
         RaveSecurityContext raveSecurityContext = new RaveSecurityContext(VALID_USER_ID, "foo.bar.DummyClass");

         expect(mockAuthentication.getPrincipal()).andReturn(user);
         replay(mockAuthentication);
         defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, raveSecurityContext, RegionWidget.class.getName(), Permission.UPDATE);
         verify(mockAuthentication);
     }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*/
	package org.apache.rave.portal.security.impl;

	import org.apache.rave.portal.model.Page;
	import org.apache.rave.portal.model.Region;
	import org.apache.rave.portal.model.RegionWidget;
	import org.apache.rave.portal.model.User;
	import org.apache.rave.portal.repository.RegionWidgetRepository;
	import org.apache.rave.portal.security.ModelPermissionEvaluator.Permission;
	import org.apache.rave.portal.security.util.AuthenticationUtils;
	import org.easymock.EasyMock;
	import org.junit.Before;
	import org.junit.Test;
	import org.springframework.security.core.Authentication;
	import org.springframework.security.core.GrantedAuthority;
	import org.springframework.security.core.authority.SimpleGrantedAuthority;

	import java.util.ArrayList;
	import java.util.Collection;
	import java.util.List;

	import static org.easymock.EasyMock.*;
	import static org.hamcrest.CoreMatchers.is;
	import static org.junit.Assert.assertThat;

	public class DefaultRegionWidgetPermissionEvaluatorTest {
	private DefaultRegionWidgetPermissionEvaluator defaultRegionWidgetPermissionEvaluator;
	private RegionWidgetRepository mockRegionWidgetRepository;
	private Authentication mockAuthentication;
	private Page page;
	private RegionWidget regionWidget;
	private Region region;
	private User user, user2;
	private List<GrantedAuthority> grantedAuthoritiesList;

	private final Long VALID_REGION_ID = 1L;
	private final Long VALID_REGION_WIDGET_ID = 1L;
	private final Long VALID_PAGE_ID = 3L;
	private final Long VALID_USER_ID = 99L;
	private final String VALID_USERNAME = "john.doe";
	private final String VALID_USERNAME2 = "jane.doe";

	@Before
	public void setUp() {
	mockRegionWidgetRepository = createMock(RegionWidgetRepository.class);
	defaultRegionWidgetPermissionEvaluator = new DefaultRegionWidgetPermissionEvaluator(mockRegionWidgetRepository);
	mockAuthentication = createMock(Authentication.class);

	user = new User();
	user.setUsername(VALID_USERNAME);
	user.setEntityId(VALID_USER_ID);
	user2 = new User();
	user2.setUsername(VALID_USERNAME2);
	page = new Page();
	page.setEntityId(VALID_PAGE_ID);
	page.setOwner(user);
	region = new Region();
	region.setEntityId(VALID_REGION_ID);
	region.setPage(page);
	regionWidget = new RegionWidget();
	regionWidget.setEntityId(VALID_REGION_WIDGET_ID);
	regionWidget.setRegion(region);
	grantedAuthoritiesList = new ArrayList<GrantedAuthority>();
	grantedAuthoritiesList.add(new SimpleGrantedAuthority("ROLE_USER"));
	}

	@Test
	public void testGetType() throws ClassNotFoundException {
	assertThat(defaultRegionWidgetPermissionEvaluator.getType().getName(), is(RegionWidget.class.getName()));
	}

	@Test
	public void testHasPermission_3args_administer() {
	EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
	replay(mockAuthentication);
	assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, regionWidget, Permission.ADMINISTER), is(false));
	verify(mockAuthentication);
	}

	@Test
	public void testHasPermission_3args_administer_hasAdminRole() {
	grantedAuthoritiesList.add(new SimpleGrantedAuthority(AuthenticationUtils.ROLE_ADMIN));
	EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
	replay(mockAuthentication);
	assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, regionWidget, Permission.ADMINISTER), is(true));
	verify(mockAuthentication);
	}

	@Test
	public void testHasPermission_3args_create_isRegionWidgetOwner() {
	EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
	expect(mockAuthentication.getPrincipal()).andReturn(user);
	expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
	replay(mockAuthentication);
	replay(mockRegionWidgetRepository);
	assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, regionWidget, Permission.CREATE), is(true));
	verify(mockAuthentication);
	verify(mockRegionWidgetRepository);
	}

	@Test
	public void testHasPermission_3args_create_isNotRegionWidgetOwner() {
	EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
	expect(mockAuthentication.getPrincipal()).andReturn(user2);
	expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
	replay(mockAuthentication);
	replay(mockRegionWidgetRepository);
	assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, regionWidget, Permission.CREATE), is(false));
	verify(mockAuthentication);
	verify(mockRegionWidgetRepository);
	}

	@Test
	public void testHasPermission_3args_delete_isRegionWidgetOwner() {
	EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
	expect(mockAuthentication.getPrincipal()).andReturn(user);
	expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
	replay(mockAuthentication);
	replay(mockRegionWidgetRepository);
	assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, regionWidget, Permission.DELETE), is(true));
	verify(mockAuthentication);
	verify(mockRegionWidgetRepository);
	}

	@Test
	public void testHasPermission_3args_delete_isNotRegionWidgetOwner() {
	EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
	expect(mockAuthentication.getPrincipal()).andReturn(user2);
	expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
	replay(mockAuthentication);
	replay(mockRegionWidgetRepository);
	assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, regionWidget, Permission.DELETE), is(false));
	verify(mockAuthentication);
	verify(mockRegionWidgetRepository);
	}

	@Test
	public void testHasPermission_3args_update_isRegionWidgetOwner() {
	EasyMock.<Collection<? extends GrantedAuthority>> expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
	expect(mockAuthentication.getPrincipal()).andReturn(user);
	expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
	replay(mockAuthentication);
	replay(mockRegionWidgetRepository);
	assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, regionWidget, Permission.UPDATE), is(true));
	verify(mockAuthentication);
	verify(mockRegionWidgetRepository);
	}

	@Test
	public void testHasPermission_3args_update_isNotRegionWidgetOwner() {
	EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
	expect(mockAuthentication.getPrincipal()).andReturn(user2);
	expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
	replay(mockAuthentication);
	replay(mockRegionWidgetRepository);
	assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, regionWidget, Permission.UPDATE), is(false));
	verify(mockAuthentication);
	verify(mockRegionWidgetRepository);
	}

	@Test
	public void testHasPermission_3args_read_isRegionWidgetOwner() {
	EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
	expect(mockAuthentication.getPrincipal()).andReturn(user);
	expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
	replay(mockAuthentication);
	replay(mockRegionWidgetRepository);
	assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, regionWidget, Permission.READ), is(true));
	verify(mockAuthentication);
	verify(mockRegionWidgetRepository);
	}

	@Test
	public void testHasPermission_3args_read_isNotRegionWidgetOwner() {
	EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
	expect(mockAuthentication.getPrincipal()).andReturn(user2);
	expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
	replay(mockAuthentication);
	replay(mockRegionWidgetRepository);
	assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, regionWidget, Permission.READ), is(false));
	verify(mockAuthentication);
	verify(mockRegionWidgetRepository);
	}

	@Test
	public void testHasPermission_4args_administer() {
	EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
	replay(mockAuthentication);
	assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, VALID_REGION_WIDGET_ID, RegionWidget.class.getName(), Permission.ADMINISTER), is(false));
	verify(mockAuthentication);
	}

	@Test
	public void testHasPermission_4args_create_isRegionWidgetOwner() {
	EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
	expect(mockAuthentication.getPrincipal()).andReturn(user);
	expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
	replay(mockAuthentication);
	replay(mockRegionWidgetRepository);
	assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, VALID_REGION_WIDGET_ID, RegionWidget.class.getName(), Permission.CREATE), is(true));
	verify(mockAuthentication);
	verify(mockRegionWidgetRepository);
	}

	@Test
	public void testHasPermission_4args_create_isNotRegionWidgetOwner() {
	EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
	expect(mockAuthentication.getPrincipal()).andReturn(user2);
	expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
	replay(mockAuthentication);
	replay(mockRegionWidgetRepository);
	assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, VALID_REGION_WIDGET_ID, RegionWidget.class.getName(), Permission.CREATE), is(false));
	verify(mockAuthentication);
	verify(mockRegionWidgetRepository);
	}

	@Test
	public void testHasPermission_4args_delete_isRegionWidgetOwner() {
	EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
	expect(mockAuthentication.getPrincipal()).andReturn(user);
	expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
	replay(mockAuthentication);
	replay(mockRegionWidgetRepository);
	assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, VALID_REGION_WIDGET_ID, RegionWidget.class.getName(), Permission.CREATE), is(true));
	verify(mockAuthentication);
	verify(mockRegionWidgetRepository);
	}

	@Test
	public void testHasPermission_4args_delete_isNotRegionWidgetOwner() {
	EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
	expect(mockAuthentication.getPrincipal()).andReturn(user2);
	expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
	replay(mockAuthentication);
	replay(mockRegionWidgetRepository);
	assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, VALID_REGION_WIDGET_ID, RegionWidget.class.getName(), Permission.CREATE), is(false));
	verify(mockAuthentication);
	verify(mockRegionWidgetRepository);
	}

	@Test
	public void testHasPermission_4args_read_isRegionWidgetOwner() {
	EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
	expect(mockAuthentication.getPrincipal()).andReturn(user);
	expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
	replay(mockAuthentication);
	replay(mockRegionWidgetRepository);
	assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, VALID_REGION_WIDGET_ID, RegionWidget.class.getName(), Permission.CREATE), is(true));
	verify(mockAuthentication);
	verify(mockRegionWidgetRepository);
	}

	@Test
	public void testHasPermission_4args_read_isNotRegionWidgetOwner() {
	EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
	expect(mockAuthentication.getPrincipal()).andReturn(user2);
	expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
	replay(mockAuthentication);
	replay(mockRegionWidgetRepository);
	assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, VALID_REGION_WIDGET_ID, RegionWidget.class.getName(), Permission.CREATE), is(false));
	verify(mockAuthentication);
	verify(mockRegionWidgetRepository);
	}

	@Test
	public void testHasPermission_4args_update_isRegionWidgetOwner() {
	EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
	expect(mockAuthentication.getPrincipal()).andReturn(user);
	expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
	replay(mockAuthentication);
	replay(mockRegionWidgetRepository);
	assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, VALID_REGION_WIDGET_ID, RegionWidget.class.getName(), Permission.CREATE), is(true));
	verify(mockAuthentication);
	verify(mockRegionWidgetRepository);
	}

	@Test
	public void testHasPermission_4args_update_isNotRegionWidgetOwner() {
	EasyMock.<Collection<? extends GrantedAuthority>>expect(mockAuthentication.getAuthorities()).andReturn(grantedAuthoritiesList);
	expect(mockAuthentication.getPrincipal()).andReturn(user2);
	expect(mockRegionWidgetRepository.get(VALID_REGION_WIDGET_ID)).andReturn(regionWidget);
	replay(mockAuthentication);
	replay(mockRegionWidgetRepository);
	assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, VALID_REGION_WIDGET_ID, RegionWidget.class.getName(), Permission.CREATE), is(false));
	verify(mockAuthentication);
	verify(mockRegionWidgetRepository);
	}

	@Test
	public void testHasPermission_4args_update_isRegionWidgetOwner_withRaveSecurityContextObject() {
	RaveSecurityContext raveSecurityContext = new RaveSecurityContext(VALID_USER_ID, "org.apache.rave.portal.model.User");

	expect(mockAuthentication.getPrincipal()).andReturn(user);
	replay(mockAuthentication);
	assertThat(defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, raveSecurityContext, RegionWidget.class.getName(), Permission.UPDATE), is(true));
	verify(mockAuthentication);
	}

	@Test(expected=IllegalArgumentException.class)
	public void testHasPermission_4args_update_isRegionWidgetOwner_withInvalidRaveSecurityContextType() {
	RaveSecurityContext raveSecurityContext = new RaveSecurityContext(VALID_USER_ID, "java.lang.String");

	expect(mockAuthentication.getPrincipal()).andReturn(user);
	replay(mockAuthentication);
	defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, raveSecurityContext, RegionWidget.class.getName(), Permission.UPDATE);
	verify(mockAuthentication);
	}

	@Test(expected=IllegalArgumentException.class)
	public void testHasPermission_4args_update_isRegionWidgetOwner_withUnknownRaveSecurityContextType() {
	RaveSecurityContext raveSecurityContext = new RaveSecurityContext(VALID_USER_ID, "foo.bar.DummyClass");

	expect(mockAuthentication.getPrincipal()).andReturn(user);
	replay(mockAuthentication);
	defaultRegionWidgetPermissionEvaluator.hasPermission(mockAuthentication, raveSecurityContext, RegionWidget.class.getName(), Permission.UPDATE);
	verify(mockAuthentication);
	}
	}