[jboss-svn-commits] JBL Code SVN: r21288 - in labs/jbossrules/trunk/drools-guvnor/src: test/java/org/drools/guvnor/server/security and 1 other directory.
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Tue Jul 29 22:07:13 EDT 2008
Author: michael.neale at jboss.com
Date: 2008-07-29 22:07:13 -0400 (Tue, 29 Jul 2008)
New Revision: 21288
Modified:
labs/jbossrules/trunk/drools-guvnor/src/main/java/org/drools/guvnor/server/security/CategoryBasedPermissionResolver.java
labs/jbossrules/trunk/drools-guvnor/src/test/java/org/drools/guvnor/server/security/CategoryBasedPermissionResolverTest.java
Log:
Sub category authorization now works
Modified: labs/jbossrules/trunk/drools-guvnor/src/main/java/org/drools/guvnor/server/security/CategoryBasedPermissionResolver.java
===================================================================
--- labs/jbossrules/trunk/drools-guvnor/src/main/java/org/drools/guvnor/server/security/CategoryBasedPermissionResolver.java 2008-07-30 01:40:30 UTC (rev 21287)
+++ labs/jbossrules/trunk/drools-guvnor/src/main/java/org/drools/guvnor/server/security/CategoryBasedPermissionResolver.java 2008-07-30 02:07:13 UTC (rev 21288)
@@ -1,33 +1,19 @@
package org.drools.guvnor.server.security;
import static org.jboss.seam.ScopeType.APPLICATION;
-import static org.jboss.seam.annotations.Install.FRAMEWORK;
import java.io.Serializable;
-import java.util.Iterator;
import java.util.List;
import java.util.Set;
-import org.drools.guvnor.server.ServiceImplementation;
-import org.drools.repository.PackageItem;
-import org.drools.repository.RulesRepository;
-import org.drools.repository.RulesRepositoryException;
-import org.jboss.seam.Component;
-import org.jboss.seam.Seam;
-import org.jboss.seam.annotations.AutoCreate;
import org.jboss.seam.annotations.Create;
-import org.jboss.seam.annotations.In;
import org.jboss.seam.annotations.Install;
import org.jboss.seam.annotations.Name;
import org.jboss.seam.annotations.Scope;
import org.jboss.seam.annotations.Startup;
import org.jboss.seam.annotations.intercept.BypassInterceptors;
import org.jboss.seam.contexts.Contexts;
-import org.jboss.seam.log.LogProvider;
-import org.jboss.seam.log.Logging;
import org.jboss.seam.security.Identity;
-import org.jboss.seam.security.Role;
-import org.jboss.seam.security.SimplePrincipal;
import org.jboss.seam.security.permission.PermissionResolver;
/**
@@ -115,9 +101,17 @@
return requestedPath.equals(allowedPath) || isSubPath(allowedPath, requestedPath);
}
- private boolean isSubPath(String parentPath, String subPath) {
- //TODO:
- return false;
+ boolean isSubPath(String parentPath, String subPath) {
+ parentPath = (parentPath.startsWith("/")) ? parentPath.substring(1) : parentPath;
+ subPath = (subPath.startsWith("/")) ? subPath.substring(1) : subPath;
+ String[] parentTags = parentPath.split("/");
+ String[] subTags = subPath.split("/");
+ if (parentTags.length > subTags.length) return false;
+ for (int i = 0; i < parentTags.length; i++) {
+ if (!parentTags[i].equals(subTags[i])) return false;
+ }
+
+ return true;
}
public void filterSetByAction(Set<Object> targets, String action) {
Modified: labs/jbossrules/trunk/drools-guvnor/src/test/java/org/drools/guvnor/server/security/CategoryBasedPermissionResolverTest.java
===================================================================
--- labs/jbossrules/trunk/drools-guvnor/src/test/java/org/drools/guvnor/server/security/CategoryBasedPermissionResolverTest.java 2008-07-30 01:40:30 UTC (rev 21287)
+++ labs/jbossrules/trunk/drools-guvnor/src/test/java/org/drools/guvnor/server/security/CategoryBasedPermissionResolverTest.java 2008-07-30 02:07:13 UTC (rev 21288)
@@ -1,13 +1,13 @@
package org.drools.guvnor.server.security;
/*
* Copyright 2005 JBoss Inc
- *
+ *
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
- *
+ *
* http://www.apache.org/licenses/LICENSE-2.0
- *
+ *
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -30,32 +30,49 @@
import junit.framework.TestCase;
public class CategoryBasedPermissionResolverTest extends TestCase {
-
+
public void testAnalyst() throws Exception {
//Mock up SEAM contexts
- Map application = new HashMap<String, Object>();
+ Map application = new HashMap<String, Object>();
Lifecycle.beginApplication(application);
- Lifecycle.beginCall();
+ Lifecycle.beginCall();
MockIdentity midentity = new MockIdentity();
//this makes Identity.hasRole("admin") return false
- midentity.setHasRole(false);
+ midentity.setHasRole(false);
Contexts.getSessionContext().set("org.jboss.seam.security.identity", midentity);
-
-
+
+
List<RoleBasedPermission> pbps = new ArrayList<RoleBasedPermission>();
pbps.add(new RoleBasedPermission("jervis", RoleTypes.PACKAGE_ADMIN, "631b3d79-5b67-42fb-83da-714624970a6b", null));
- pbps.add(new RoleBasedPermission("jervis", RoleTypes.PACKAGE_READONLY, "47982482-7912-4881-97ec-e852494383d7", null));
+ pbps.add(new RoleBasedPermission("jervis", RoleTypes.PACKAGE_READONLY, "47982482-7912-4881-97ec-e852494383d7", null));
pbps.add(new RoleBasedPermission("jervis", RoleTypes.ANALYST, null, "category1"));
pbps.add(new RoleBasedPermission("jervis", RoleTypes.ANALYST, null, "category2"));
Contexts.getSessionContext().set("packageBasedPermission", pbps);
-
+
CategoryBasedPermissionResolver resolver = new CategoryBasedPermissionResolver();
assertTrue(resolver.hasPermission(new CategoryPathType("category1"), null));
assertTrue(resolver.hasPermission(new CategoryPathType("category2"), null));
assertFalse(resolver.hasPermission(new CategoryPathType("category3/category3"), null));
- //TODO:
- //assertTrue(resolver.hasPermission(new CategoryPathType("/category1/category2"), null));
-
- Lifecycle.endApplication();
- }
+
+ assertTrue(resolver.hasPermission(new CategoryPathType("/category1/category2"), null));
+
+ Lifecycle.endApplication();
+ }
+
+ public void testIsSubPath() {
+ CategoryBasedPermissionResolver pr = new CategoryBasedPermissionResolver();
+ assertTrue(pr.isSubPath("foo", "foo/bar"));
+ assertTrue(pr.isSubPath("foo", "/foo/bar"));
+ assertTrue(pr.isSubPath("/foo/bar", "/foo/bar"));
+ assertFalse(pr.isSubPath("/foo/bar", "foo"));
+
+ assertTrue(pr.isSubPath("foo", "foo/bar/baz"));
+ assertTrue(pr.isSubPath("foo/bar", "foo/bar/baz"));
+ assertFalse(pr.isSubPath("wang", "foo/bar/baz"));
+ assertFalse(pr.isSubPath("wang/whee", "foo/bar/baz"));
+
+ assertFalse(pr.isSubPath("foo1", "foo2"));
+ assertTrue(pr.isSubPath("foo1", "foo1"));
+
+ }
}
\ No newline at end of file
More information about the jboss-svn-commits
mailing list