Author: sohil.shah(a)jboss.com
Date: 2009-08-09 10:30:32 -0400 (Sun, 09 Aug 2009)
New Revision: 13714
Added:
jbossexo/branches/security-integration-sandbox/portal/trunk/component/portal/src/test/java/org/exoplatform/portal/config/security/jboss/TestJBossCustomRolesDRL.java
jbossexo/branches/security-integration-sandbox/portal/trunk/component/portal/src/test/resources/custom-roles-component.drl
Modified:
jbossexo/branches/security-integration-sandbox/portal/trunk/component/portal/.classpath
Log:
Testing the Drools expression for Exo specific Roles Security Component
Modified:
jbossexo/branches/security-integration-sandbox/portal/trunk/component/portal/.classpath
===================================================================
---
jbossexo/branches/security-integration-sandbox/portal/trunk/component/portal/.classpath 2009-08-09
05:18:20 UTC (rev 13713)
+++
jbossexo/branches/security-integration-sandbox/portal/trunk/component/portal/.classpath 2009-08-09
14:30:32 UTC (rev 13714)
@@ -158,6 +158,8 @@
<classpathentry kind="var"
path="M2_REPO_EXO/xpp3/xpp3_min/1.1.4c/xpp3_min-1.1.4c.jar"/>
<classpathentry kind="var"
path="M2_REPO_EXO/com/thoughtworks/xstream/xstream/1.3.1/xstream-1.3.1.jar"/>
<classpathentry kind="var"
path="M2_REPO_EXO/xstream/xstream/1.0.2/xstream-1.0.2.jar"/>
+ <classpathentry kind="var"
path="M2_REPO_EXO/org/drools/drools-core/4.0.7/drools-core-4.0.7.jar"/>
+ <classpathentry kind="var"
path="M2_REPO_EXO/org/drools/drools-compiler/4.0.7/drools-compiler-4.0.7.jar"/>
<classpathentry kind="con"
path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
<classpathentry kind="output" path="eclipse-bin"/>
</classpath>
Added:
jbossexo/branches/security-integration-sandbox/portal/trunk/component/portal/src/test/java/org/exoplatform/portal/config/security/jboss/TestJBossCustomRolesDRL.java
===================================================================
---
jbossexo/branches/security-integration-sandbox/portal/trunk/component/portal/src/test/java/org/exoplatform/portal/config/security/jboss/TestJBossCustomRolesDRL.java
(rev 0)
+++
jbossexo/branches/security-integration-sandbox/portal/trunk/component/portal/src/test/java/org/exoplatform/portal/config/security/jboss/TestJBossCustomRolesDRL.java 2009-08-09
14:30:32 UTC (rev 13714)
@@ -0,0 +1,134 @@
+/*
+ * JBoss, a division of Red Hat
+ * Copyright 2006, Red Hat Middleware, LLC, and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site:
http://www.fsf.org.
+ */
+package org.exoplatform.portal.config.security.jboss;
+
+import java.util.Set;
+import java.util.Iterator;
+import java.util.HashSet;
+
+import java.io.InputStreamReader;
+import java.io.Reader;
+
+import org.apache.log4j.Logger;
+import org.exoplatform.test.BasicTestCase;
+
+import org.drools.RuleBase;
+import org.drools.RuleBaseFactory;
+import org.drools.compiler.PackageBuilder;
+import org.drools.WorkingMemory;
+import org.drools.StatefulSession;
+
+/**
+ * @author <a href="mailto:sshah@redhat.com">Sohil Shah</a>
+ */
+public class TestJBossCustomRolesDRL extends BasicTestCase
+{
+ private static Logger log = Logger.getLogger(TestJBossCustomRolesDRL.class);
+
+ private RuleBase activeRuleBase = null;
+
+ public void setUp() throws Exception
+ {
+ Reader source = new InputStreamReader(Thread.currentThread()
+ .getContextClassLoader().getSystemResourceAsStream(
+ "custom-roles-component.drl"));
+
+ PackageBuilder packageBuilder = new PackageBuilder();
+ packageBuilder.addPackageFromDrl(source);
+
+ this.activeRuleBase = RuleBaseFactory.newRuleBase();
+ this.activeRuleBase.addPackage(packageBuilder.getPackage());
+ }
+
+ public void testDRLProcessing() throws Exception
+ {
+ //Must Be Allowed
+ Set<String> roles = new HashSet<String>();
+ roles.add("blahblah");
+ roles.add("whatever:/platform/administrators");
+ assertTrue("Must Be Allowed!!", this.fireRules(roles));
+
+ //Must Be Allowed
+ roles.clear();
+ roles.add("blahblah");
+ roles.add("*:/platform/administrators");
+ assertTrue("Must Be Allowed!!", this.fireRules(roles));
+
+ //Must Be Allowed
+ roles.clear();
+ roles.add("blahblah");
+ roles.add("blah:/platform/administrators");
+ assertTrue("Must Be Allowed!!", this.fireRules(roles));
+
+ //Must Be Allowed
+ roles.clear();
+ roles.add("blahblah");
+ roles.add("whatever:/guest/group");
+ assertTrue("Must Be Allowed!!", this.fireRules(roles));
+
+ //Must Be Allowed
+ roles.clear();
+ roles.add("blahblah");
+ roles.add("*:/guest/group");
+ assertTrue("Must Be Allowed!!", this.fireRules(roles));
+
+ //Must Be Denied
+ roles.clear();
+ roles.add("blahblah");
+ roles.add("blah:/guest/group");
+ assertFalse("Must Be Denied!!", this.fireRules(roles));
+
+ //Must Be Denied
+ roles.clear();
+ roles.add("blahblah");
+ assertFalse("Must Be Denied!!", this.fireRules(roles));
+ }
+
+ private boolean fireRules(Set<String> roles)
+ {
+ WorkingMemory workingMemory = this.activeRuleBase.newStatefulSession();
+
+ workingMemory.insert(roles);
+
+ workingMemory.fireAllRules();
+
+ boolean success = false;
+ Iterator itr = workingMemory.iterateObjects();
+ while (itr.hasNext())
+ {
+ Object curr = itr.next();
+ if (curr instanceof Boolean)
+ {
+ success = ((Boolean) curr).booleanValue();
+ }
+ }
+
+ log.info("---------------------------------------------------------");
+ log.info("Result From Rule Execution="+success);
+ log.info("---------------------------------------------------------");
+
+ // Cleanup the WorkingMemory
+ ((StatefulSession)workingMemory).dispose();
+
+ return success;
+ }
+}
Added:
jbossexo/branches/security-integration-sandbox/portal/trunk/component/portal/src/test/resources/custom-roles-component.drl
===================================================================
---
jbossexo/branches/security-integration-sandbox/portal/trunk/component/portal/src/test/resources/custom-roles-component.drl
(rev 0)
+++
jbossexo/branches/security-integration-sandbox/portal/trunk/component/portal/src/test/resources/custom-roles-component.drl 2009-08-09
14:30:32 UTC (rev 13714)
@@ -0,0 +1,68 @@
+package security
+import java.util.Set
+import java.util.HashSet
+
+
+function boolean evaluateMembership(Set userRoles)
+{
+ //This value is dynamically injected during the Composition Phase
+ //For TestSuite purposes its hard coded
+ String[] allowedRoles = new String[]
+ {"*:/platform/administrators",
+ "whatever:/guest/group"
+ };
+
+ for(Object local: userRoles)
+ {
+ String userRole = (String)local;
+ String[] userSplit = userRole.split(":");
+ if(userSplit.length < 2)
+ {
+ continue;
+ }
+
+ String userMembershipType = userSplit[0].trim();
+ String userGroup = userSplit[1].trim();
+
+ for(String allowedRole: allowedRoles)
+ {
+ String[] allowedSplit = allowedRole.split(":");
+ if(allowedSplit.length < 2)
+ {
+ continue;
+ }
+
+ String allowedMembershipType = allowedSplit[0].trim();
+ String allowedGroup = allowedSplit[1].trim();
+
+ //Perform the matching
+ if(userMembershipType.equals("*") ||
allowedMembershipType.equals("*"))
+ {
+ if(userGroup.equals(allowedGroup))
+ {
+ return true;
+ }
+ }
+ else
+ {
+ if(userMembershipType.equals(allowedMembershipType) &&
userGroup.equals(allowedGroup))
+ {
+ return true;
+ }
+ }
+ }
+ }
+
+ return false;
+}
+
+
+rule "roleMatchingRule"
+
+when
+$roles: HashSet()
+eval(evaluateMembership($roles))
+
+then
+insert(Boolean.TRUE);
+end
\ No newline at end of file