[jboss-svn-commits] JBL Code SVN: r21288 - in labs/jbossrules/trunk/drools-guvnor/src: test/java/org/drools/guvnor/server/security and 1 other directory.

jboss-svn-commits at lists.jboss.org jboss-svn-commits at lists.jboss.org
Tue Jul 29 22:07:13 EDT 2008 

Author: michael.neale at jboss.com
Date: 2008-07-29 22:07:13 -0400 (Tue, 29 Jul 2008)
New Revision: 21288

Modified:
   labs/jbossrules/trunk/drools-guvnor/src/main/java/org/drools/guvnor/server/security/CategoryBasedPermissionResolver.java
   labs/jbossrules/trunk/drools-guvnor/src/test/java/org/drools/guvnor/server/security/CategoryBasedPermissionResolverTest.java
Log:
Sub category authorization now works

Modified: labs/jbossrules/trunk/drools-guvnor/src/main/java/org/drools/guvnor/server/security/CategoryBasedPermissionResolver.java
===================================================================
--- labs/jbossrules/trunk/drools-guvnor/src/main/java/org/drools/guvnor/server/security/CategoryBasedPermissionResolver.java	2008-07-30 01:40:30 UTC (rev 21287)
+++ labs/jbossrules/trunk/drools-guvnor/src/main/java/org/drools/guvnor/server/security/CategoryBasedPermissionResolver.java	2008-07-30 02:07:13 UTC (rev 21288)
@@ -1,33 +1,19 @@
 package org.drools.guvnor.server.security;
 
 import static org.jboss.seam.ScopeType.APPLICATION;
-import static org.jboss.seam.annotations.Install.FRAMEWORK;
 
 import java.io.Serializable;
-import java.util.Iterator;
 import java.util.List;
 import java.util.Set;
 
-import org.drools.guvnor.server.ServiceImplementation;
-import org.drools.repository.PackageItem;
-import org.drools.repository.RulesRepository;
-import org.drools.repository.RulesRepositoryException;
-import org.jboss.seam.Component;
-import org.jboss.seam.Seam;
-import org.jboss.seam.annotations.AutoCreate;
 import org.jboss.seam.annotations.Create;
-import org.jboss.seam.annotations.In;
 import org.jboss.seam.annotations.Install;
 import org.jboss.seam.annotations.Name;
 import org.jboss.seam.annotations.Scope;
 import org.jboss.seam.annotations.Startup;
 import org.jboss.seam.annotations.intercept.BypassInterceptors;
 import org.jboss.seam.contexts.Contexts;
-import org.jboss.seam.log.LogProvider;
-import org.jboss.seam.log.Logging;
 import org.jboss.seam.security.Identity;
-import org.jboss.seam.security.Role;
-import org.jboss.seam.security.SimplePrincipal;
 import org.jboss.seam.security.permission.PermissionResolver;
 
 /**
@@ -115,9 +101,17 @@
 		return requestedPath.equals(allowedPath) || isSubPath(allowedPath, requestedPath);
 	}
 
-	private boolean isSubPath(String parentPath, String subPath) {
-		//TODO:
-		return false;
+	boolean isSubPath(String parentPath, String subPath) {
+		parentPath = (parentPath.startsWith("/")) ? parentPath.substring(1) : parentPath;
+		subPath = (subPath.startsWith("/")) ? subPath.substring(1) : subPath;
+		String[] parentTags = parentPath.split("/");
+		String[] subTags = subPath.split("/");
+		if (parentTags.length > subTags.length) return false;
+		for (int i = 0; i < parentTags.length; i++) {
+			if (!parentTags[i].equals(subTags[i])) return false;
+		}
+
+		return true;
 	}
 
 	public void filterSetByAction(Set<Object> targets, String action) {

Modified: labs/jbossrules/trunk/drools-guvnor/src/test/java/org/drools/guvnor/server/security/CategoryBasedPermissionResolverTest.java
===================================================================
--- labs/jbossrules/trunk/drools-guvnor/src/test/java/org/drools/guvnor/server/security/CategoryBasedPermissionResolverTest.java	2008-07-30 01:40:30 UTC (rev 21287)
+++ labs/jbossrules/trunk/drools-guvnor/src/test/java/org/drools/guvnor/server/security/CategoryBasedPermissionResolverTest.java	2008-07-30 02:07:13 UTC (rev 21288)
@@ -1,13 +1,13 @@
 package org.drools.guvnor.server.security;
 /*
  * Copyright 2005 JBoss Inc
- * 
+ *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
- * 
+ *
  *      http://www.apache.org/licenses/LICENSE-2.0
- * 
+ *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -30,32 +30,49 @@
 import junit.framework.TestCase;
 
 public class CategoryBasedPermissionResolverTest extends TestCase {
-	
+
     public void testAnalyst() throws Exception {
     	//Mock up SEAM contexts
-    	Map application = new HashMap<String, Object>();    	
+    	Map application = new HashMap<String, Object>();
     	Lifecycle.beginApplication(application);
-    	Lifecycle.beginCall();   	
+    	Lifecycle.beginCall();
     	MockIdentity midentity = new MockIdentity();
     	//this makes Identity.hasRole("admin") return false
-    	midentity.setHasRole(false);    	
+    	midentity.setHasRole(false);
     	Contexts.getSessionContext().set("org.jboss.seam.security.identity", midentity);
-    	
-    	
+
+
     	List<RoleBasedPermission> pbps = new ArrayList<RoleBasedPermission>();
 		pbps.add(new RoleBasedPermission("jervis", RoleTypes.PACKAGE_ADMIN, "631b3d79-5b67-42fb-83da-714624970a6b", null));
-		pbps.add(new RoleBasedPermission("jervis", RoleTypes.PACKAGE_READONLY, "47982482-7912-4881-97ec-e852494383d7", null));	
+		pbps.add(new RoleBasedPermission("jervis", RoleTypes.PACKAGE_READONLY, "47982482-7912-4881-97ec-e852494383d7", null));
 		pbps.add(new RoleBasedPermission("jervis", RoleTypes.ANALYST, null, "category1"));
 		pbps.add(new RoleBasedPermission("jervis", RoleTypes.ANALYST, null, "category2"));
     	Contexts.getSessionContext().set("packageBasedPermission", pbps);
-    	
+
     	CategoryBasedPermissionResolver resolver = new CategoryBasedPermissionResolver();
         assertTrue(resolver.hasPermission(new CategoryPathType("category1"), null));
         assertTrue(resolver.hasPermission(new CategoryPathType("category2"), null));
         assertFalse(resolver.hasPermission(new CategoryPathType("category3/category3"), null));
-        //TODO:
-        //assertTrue(resolver.hasPermission(new CategoryPathType("/category1/category2"), null));
- 
-    	Lifecycle.endApplication();   
-    } 
+
+        assertTrue(resolver.hasPermission(new CategoryPathType("/category1/category2"), null));
+
+    	Lifecycle.endApplication();
+    }
+
+    public void testIsSubPath() {
+    	CategoryBasedPermissionResolver pr = new CategoryBasedPermissionResolver();
+    	assertTrue(pr.isSubPath("foo", "foo/bar"));
+    	assertTrue(pr.isSubPath("foo", "/foo/bar"));
+    	assertTrue(pr.isSubPath("/foo/bar", "/foo/bar"));
+    	assertFalse(pr.isSubPath("/foo/bar", "foo"));
+
+    	assertTrue(pr.isSubPath("foo", "foo/bar/baz"));
+    	assertTrue(pr.isSubPath("foo/bar", "foo/bar/baz"));
+    	assertFalse(pr.isSubPath("wang", "foo/bar/baz"));
+    	assertFalse(pr.isSubPath("wang/whee", "foo/bar/baz"));
+
+    	assertFalse(pr.isSubPath("foo1", "foo2"));
+    	assertTrue(pr.isSubPath("foo1", "foo1"));
+
+    }
  }
\ No newline at end of file

More information about the jboss-svn-commits mailing list