Author: sohil.shah(a)jboss.com Date: 2009-08-08 11:36:17 -0400 (Sat, 08 Aug 2009) New Revision: 13704 Modified: modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestPolicyUpdating.java Log: Policy Hot Deployment implementation * first success testcase....tons more to implement Modified: modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestPolicyUpdating.java =================================================================== --- modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestPolicyUpdating.java 2009-08-08 15:16:40 UTC (rev 13703) +++ modules/authorization/trunk/agent/src/test/java/org/jboss/security/authz/agent/features/TestPolicyUpdating.java 2009-08-08 15:36:17 UTC (rev 13704) @@ -76,13 +76,13 @@ this.enforce(this.createEnforcementContext(contextResource, action), true); //Find the Policy using the finder + resource.setUri(new URI("/root/level1/level2/index.html")); ProvisioningContext provisioningContext = new ProvisioningContext(); provisioningContext.setAttribute("uri-resource", resource); Set<Policy> policies = this.provisioner.find(provisioningContext); assertTrue("Policy Not Found!!", policies!=null && policies.size()==1); - //Make Policy Modifications and Deploy - resource.setUri(new URI("/root/level1/level2/index.html")); + //Make Policy Modifications and Deploy CompositionContext context = new CompositionContext(); context.setPolicyTarget(resource); context.addPolicyRule(Effect.DENY, action, allowedRoles, @@ -97,6 +97,62 @@ enforcementContext.setIgnoreCache(true); this.enforce(enforcementContext, false); } + + public void testPolicyDeletion() throws Exception + { + // SetUp Resource + URIResource resource = new URIResource(); + resource.setUri(new URI("/root/level1/level2/index.html")); + + Read action = new Read(); + + Roles allowedRoles = new Roles(); + allowedRoles.addName("user"); + + for(int i=0; i<2; i++) + { + if(i > 0) + { + resource.setUri(new URI("/root/level1/level2/index.html/"+i)); + } + // Setup the Context for the Composition with these components + CompositionContext context = new CompositionContext(); + context.setPolicyTarget(resource); + context.addPolicyRule(Effect.PERMIT, action, allowedRoles, + "allowExpression"); + + // Store the policy into the Policy Server + this.provisioner.deploy(context); + } + + this.assertServerState(); + + // Go ahead and produce a RequestContext for a "Permit" Enforcement + URIResource contextResource = new URIResource(); + contextResource.setUri(new URI("/root/level1/level2/index.html")); + + // Perform enforcement + this.enforce(this.createEnforcementContext(contextResource, action), true); + + //Find the Policy using the finder + resource.setUri(new URI("/root/level1/level2/index.html")); + ProvisioningContext provisioningContext = new ProvisioningContext(); + provisioningContext.setAttribute("uri-resource", resource); + Set<Policy> policies = this.provisioner.find(provisioningContext); + assertTrue("Policy Not Found!!", policies!=null && policies.size()==1); + + //Make Policy Modifications and Deploy + Policy policyToDelete = (Policy)policies.iterator().next(); + this.provisioner.deletePolicy(policyToDelete.getPolicyUri()); + + this.assertServerState(); + + //Enforce and make sure new Rules apply + //TODO: Remove This when Cache Invalidations are implemented!!! + EnforcementContext enforcementContext = this.createEnforcementContext(contextResource, action); + enforcementContext.setIgnoreCache(true); + this.enforce(enforcementContext, false); + } // ------------------------------------------------------------------------------------------------------------------------------------------------------ private EnforcementContext createEnforcementContext( URIResource protectedResource, Read action) throws Exception @@ -104,9 +160,6 @@ // Create an EnforcementContext EnforcementContext context = new EnforcementContext(); - // Enable Hierarchial Enforcement - context.activateHierarchialEnforcement(); - // Create Resource context.setAttribute("uri-resource", protectedResource);