[jboss-cvs] JBossAS SVN: r70015 - in projects/security/security-jboss-sx/trunk/acl: src/main/org/jboss/security/acl and 1 other directories.

jboss-cvs-commits at lists.jboss.org jboss-cvs-commits at lists.jboss.org
Thu Feb 21 15:06:42 EST 2008


Author: sguilhen at redhat.com
Date: 2008-02-21 15:06:42 -0500 (Thu, 21 Feb 2008)
New Revision: 70015

Added:
   projects/security/security-jboss-sx/trunk/acl/src/main/org/jboss/security/acl/JPAPersistenceStrategy.java
   projects/security/security-jboss-sx/trunk/acl/src/tests/org/jboss/test/security/acl/JPAStrategyUnitTestCase.java
   projects/security/security-jboss-sx/trunk/acl/src/tests/org/jboss/test/security/acl/TestACLRegistration.java
Removed:
   projects/security/security-jboss-sx/trunk/acl/src/tests/org/jboss/test/security/acl/ACLProviderUnitTestCase.java
Modified:
   projects/security/security-jboss-sx/trunk/acl/.classpath
   projects/security/security-jboss-sx/trunk/acl/src/main/org/jboss/security/acl/ACLProviderImpl.java
   projects/security/security-jboss-sx/trunk/acl/src/tests/org/jboss/test/security/acl/ACLUseTestCase.java
Log:
Added a JPA implementation of ACLPersistenceStrategy, updated tests to reflect this change. Also created a test implementation of ACLRegistration to be used by the ACLUseTestCase.




Modified: projects/security/security-jboss-sx/trunk/acl/.classpath
===================================================================
--- projects/security/security-jboss-sx/trunk/acl/.classpath	2008-02-21 20:02:57 UTC (rev 70014)
+++ projects/security/security-jboss-sx/trunk/acl/.classpath	2008-02-21 20:06:42 UTC (rev 70015)
@@ -3,7 +3,7 @@
 	<classpathentry excluding="**/*.java" including="JBossORG-EULA.txt" kind="src" path=""/>
 	<classpathentry kind="src" path="src/main"/>
 	<classpathentry excluding="**/*.java" including="**/*.dtd|**/*.xsd|**/*.xml" kind="src" path="src/resources"/>
-	<classpathentry including="**/*.java;resources/*" kind="src" path="src/tests"/>
+	<classpathentry kind="src" path="src/tests"/>
 	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
 	<classpathentry kind="var" path="M2_REPO/antlr/antlr/2.7.6/antlr-2.7.6.jar"/>
 	<classpathentry kind="var" path="M2_REPO/log4j/log4j/1.2.14/log4j-1.2.14.jar"/>

Modified: projects/security/security-jboss-sx/trunk/acl/src/main/org/jboss/security/acl/ACLProviderImpl.java
===================================================================
--- projects/security/security-jboss-sx/trunk/acl/src/main/org/jboss/security/acl/ACLProviderImpl.java	2008-02-21 20:02:57 UTC (rev 70014)
+++ projects/security/security-jboss-sx/trunk/acl/src/main/org/jboss/security/acl/ACLProviderImpl.java	2008-02-21 20:06:42 UTC (rev 70015)
@@ -21,18 +21,9 @@
  */
 package org.jboss.security.acl;
 
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.HashMap;
 import java.util.Map;
 import java.util.Set;
 
-import javax.persistence.EntityManager;
-import javax.persistence.EntityManagerFactory;
-import javax.persistence.EntityTransaction;
-import javax.persistence.NoResultException;
-import javax.persistence.Persistence;
-
 import org.jboss.security.authorization.AuthorizationException;
 import org.jboss.security.authorization.Resource;
 import org.jboss.security.identity.Identity;
@@ -49,222 +40,66 @@
 public class ACLProviderImpl implements ACLProvider
 {
 
-   // in memory cache of the created ACLs.
-   private final Map<Resource, ACL> aclMap;
+   /** persistence strategy used to retrieve the ACLs */
+   private ACLPersistenceStrategy strategy;
 
-   private final EntityManagerFactory factory;
-
    /**
-    * <p>
-    * Creates an instance of {@code ACLProviderImpl}.
-    * </p>
+    * @see org.jboss.security.acl.ACLProvider#initialize(java.util.Map, java.util.Map)
     */
-   public ACLProviderImpl()
+   public void initialize(Map<String, Object> sharedState, Map<String, Object> options)
    {
-      this.aclMap = new HashMap<Resource, ACL>();
-      this.factory = Persistence.createEntityManagerFactory("ACL");
    }
 
-   /*
-    * (non-Javadoc)
-    * @see org.jboss.security.acl.ACLProvider#createACL(org.jboss.security.authorization.Resource)
+   /**
+    * @see org.jboss.security.acl.ACLProvider#getEntitlements(java.lang.Class, org.jboss.security.authorization.Resource,
+    *           org.jboss.security.identity.Identity)
     */
-   public ACL createACL(Resource resource)
+   public <T> Set<T> getEntitlements(Class<T> clazz, Resource resource, Identity identity)
+         throws AuthorizationException
    {
-      return this.createACL(resource, new ArrayList<ACLEntry>());
+      throw new NotImplementedException();
    }
 
-   /*
-    * (non-Javadoc)
-    * @see org.jboss.security.acl.ACLProvider#createACL(org.jboss.security.authorization.Resource, java.util.Collection)
+   /**
+    * @see org.jboss.security.acl.ACLProvider#getPersistenceStrategy()
     */
-   public ACL createACL(Resource resource, Collection<ACLEntry> entries)
+   public ACLPersistenceStrategy getPersistenceStrategy()
    {
-      if (resource == null)
-         throw new IllegalArgumentException("ACLs cannot be created for null resources");
-
-      // check the cache first.
-      ACL acl = this.aclMap.get(resource);
-      if (acl == null)
-      {
-         EntityManager entityManager = this.factory.createEntityManager();
-         EntityTransaction transaction = entityManager.getTransaction();
-         transaction.begin();
-         try
-         {
-            // create a new ACL and persist it to the database.
-            acl = new ACLImpl(resource, entries);
-            entityManager.persist(acl);
-            // add the newly-created ACL to the cache.
-            this.aclMap.put(resource, acl);
-            transaction.commit();
-         }
-         catch (RuntimeException re)
-         {
-            re.printStackTrace();
-            transaction.rollback();
-         }
-         finally
-         {
-            entityManager.close();
-         }
-      }
-      return acl;
+      return this.strategy;
    }
 
-   /*
-    * (non-Javadoc)
-    * @see org.jboss.security.acl.ACLProvider#removeACL(org.jboss.security.acl.ACL)
+   /**
+    * @see org.jboss.security.acl.ACLProvider#setPersistenceStrategy(org.jboss.security.acl.ACLPersistenceStrategy)
     */
-   public boolean removeACL(ACL acl)
+   public void setPersistenceStrategy(ACLPersistenceStrategy strategy)
    {
-      return this.removeACL(acl.getResource());
+      this.strategy = strategy;
    }
 
-   /*
-    * (non-Javadoc)
-    * @see org.jboss.security.acl.ACLProvider#removeACL(org.jboss.security.authorization.Resource)
+   /**
+    * @see org.jboss.security.acl.ACLProvider#isAccessGranted(org.jboss.security.authorization.Resource, 
+    *           org.jboss.security.identity.Identity, org.jboss.security.acl.ACLPermission)
     */
-   public boolean removeACL(Resource resource)
+   public boolean isAccessGranted(Resource resource, Identity identity, ACLPermission permission)
+         throws AuthorizationException
    {
-      boolean result = false;
-
-      EntityManager entityManager = this.factory.createEntityManager();
-      EntityTransaction transaction = entityManager.getTransaction();
-      transaction.begin();
-      try
+      if (this.strategy != null)
       {
-         // find the ACL associated with the specified resource and remove it from the database.
-         ACL acl = this.findACLByResource(resource, entityManager);
+         ACL acl = strategy.getACL(resource);
          if (acl != null)
-         {
-            entityManager.remove(acl);
-            // remove the ACL from the cache.
-            result = this.aclMap.remove(resource) != null;
-         }
-         transaction.commit();
+            return acl.isGranted(permission, identity);
+         else
+            throw new AuthorizationException("Unable to locate an ACL for the resource " + resource);
       }
-      catch (RuntimeException re)
-      {
-         re.printStackTrace();
-         transaction.rollback();
-      }
-      finally
-      {
-         entityManager.close();
-      }
-      return result;
+      throw new AuthorizationException("Unable to retrieve ACL: persistece strategy not set");
    }
 
-   /*
-    * (non-Javadoc)
-    * @see org.jboss.security.acl.ACLProvider#getACL(org.jboss.security.authorization.Resource)
-    */
-   public ACL getACL(Resource resource)
-   {
-      // check the cache first.
-      ACL acl = this.aclMap.get(resource);
-      if (acl == null)
-      {
-         EntityManager entityManager = this.factory.createEntityManager();
-         try
-         {
-            acl = this.findACLByResource(resource, entityManager);
-            if (acl != null)
-               this.aclMap.put(resource, acl);
-         }
-         finally
-         {
-            entityManager.close();
-         }
-      }
-      return acl;
-   }
-
-   /*
-    * (non-Javadoc)
-    * @see org.jboss.security.acl.ACLProvider#updateACL(org.jboss.security.acl.ACL)
-    */
-   public boolean updateACL(ACL acl)
-   {
-      if (((ACLImpl) acl).getACLId() == 0)
-         return false;
-
-      EntityManager entityManager = this.factory.createEntityManager();
-      EntityTransaction transaction = entityManager.getTransaction();
-      transaction.begin();
-      try
-      {
-         for (ACLEntry entry : acl.getEntries())
-         {
-            // persist the new entries that might have been added to the ACL.
-            ACLEntryImpl entryImpl = (ACLEntryImpl) entry;
-            if (entryImpl.getACLEntryId() == 0)
-               entityManager.persist(entryImpl);
-         }
-         // merge will take care of the entries that might have been removed.
-         entityManager.merge(acl);
-         // update the cache.
-         this.aclMap.put(acl.getResource(), acl);
-         transaction.commit();
-         return true;
-      }
-      catch (RuntimeException re)
-      {
-         re.printStackTrace();
-         transaction.rollback();
-      }
-      finally
-      {
-         entityManager.close();
-      }
-      return false;
-   }
-
    /**
-    * <p>
-    * Searches the database for the {@code ACL} associated with the specified resource.
-    * </p>
-    * 
-    * @param resource   the {@code Resource} that is associated with the {@code ACL} being searched.
-    * @param entityManager  the {@code EntityManager} used to search the database.
-    * @return   the {@code ACL} retrieved from the database, or {@code null} if no {@code ACL} could be found.
+    * @see org.jboss.security.acl.ACLProvider#tearDown()
     */
-   private ACLImpl findACLByResource(Resource resource, EntityManager entityManager)
-   {
-      ACLImpl acl = null;
-      try
-      {
-         acl = (ACLImpl) entityManager.createQuery(
-               "SELECT a FROM ACLImpl a WHERE a.resourceAsString LIKE '" + Util.getResourceAsString(resource) + "'")
-               .getSingleResult();
-         acl.setResource(resource);
-      }
-      catch (NoResultException nre)
-      {
-         // ignore the exception when no ACL could be found for the given resource.
-      }
-      return acl;
-   }
-
-   /**
-    * @see ACLProvider#getEntitlements(Class, Resource, Identity)
-    */
-   public <T> Set<T> getEntitlements(Class<T> clazz, Resource resource, Identity identity) 
-   throws AuthorizationException
-   {
-      throw new NotImplementedException();
-   }
-
-   /**
-    * @see ACLProvider#tearDown()
-    */
    public boolean tearDown()
    {
       return true;
    }
 
-   public void initialize(Map<String, Object> sharedState, Map<String, Object> options)
-   { 
-   }
 }
\ No newline at end of file

Added: projects/security/security-jboss-sx/trunk/acl/src/main/org/jboss/security/acl/JPAPersistenceStrategy.java
===================================================================
--- projects/security/security-jboss-sx/trunk/acl/src/main/org/jboss/security/acl/JPAPersistenceStrategy.java	                        (rev 0)
+++ projects/security/security-jboss-sx/trunk/acl/src/main/org/jboss/security/acl/JPAPersistenceStrategy.java	2008-02-21 20:06:42 UTC (rev 70015)
@@ -0,0 +1,219 @@
+package org.jboss.security.acl;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.persistence.EntityManager;
+import javax.persistence.EntityManagerFactory;
+import javax.persistence.EntityTransaction;
+import javax.persistence.NoResultException;
+import javax.persistence.Persistence;
+
+import org.jboss.security.authorization.Resource;
+
+/**
+ * <p>
+ * Implementation of {@code ACLPersistenceStrategy} that uses the Java Persistence API (JPA) to
+ * persist the {@code ACL}s.
+ * </p>
+ * 
+ * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
+ */
+public class JPAPersistenceStrategy implements ACLPersistenceStrategy
+{
+
+   // in memory cache of the created ACLs.
+   private final Map<Resource, ACL> aclMap;
+
+   private final EntityManagerFactory factory;
+
+   public JPAPersistenceStrategy()
+   {
+      this.aclMap = new HashMap<Resource, ACL>();
+      this.factory = Persistence.createEntityManagerFactory("ACL");
+   }
+
+   /*
+    * (non-Javadoc)
+    * @see org.jboss.security.acl.ACLProvider#createACL(org.jboss.security.authorization.Resource)
+    */
+   public ACL createACL(Resource resource)
+   {
+      return this.createACL(resource, new ArrayList<ACLEntry>());
+   }
+
+   /*
+    * (non-Javadoc)
+    * @see org.jboss.security.acl.ACLProvider#createACL(org.jboss.security.authorization.Resource, java.util.Collection)
+    */
+   public ACL createACL(Resource resource, Collection<ACLEntry> entries)
+   {
+      if (resource == null)
+         throw new IllegalArgumentException("ACLs cannot be created for null resources");
+
+      // check the cache first.
+      ACL acl = this.aclMap.get(resource);
+      if (acl == null)
+      {
+         EntityManager entityManager = this.factory.createEntityManager();
+         EntityTransaction transaction = entityManager.getTransaction();
+         transaction.begin();
+         try
+         {
+            // create a new ACL and persist it to the database.
+            acl = new ACLImpl(resource, entries);
+            entityManager.persist(acl);
+            // add the newly-created ACL to the cache.
+            this.aclMap.put(resource, acl);
+            transaction.commit();
+         }
+         catch (RuntimeException re)
+         {
+            re.printStackTrace();
+            transaction.rollback();
+         }
+         finally
+         {
+            entityManager.close();
+         }
+      }
+      return acl;
+   }
+
+   /*
+    * (non-Javadoc)
+    * @see org.jboss.security.acl.ACLProvider#removeACL(org.jboss.security.acl.ACL)
+    */
+   public boolean removeACL(ACL acl)
+   {
+      return this.removeACL(acl.getResource());
+   }
+
+   /*
+    * (non-Javadoc)
+    * @see org.jboss.security.acl.ACLProvider#removeACL(org.jboss.security.authorization.Resource)
+    */
+   public boolean removeACL(Resource resource)
+   {
+      boolean result = false;
+
+      EntityManager entityManager = this.factory.createEntityManager();
+      EntityTransaction transaction = entityManager.getTransaction();
+      transaction.begin();
+      try
+      {
+         // find the ACL associated with the specified resource and remove it from the database.
+         ACL acl = this.findACLByResource(resource, entityManager);
+         if (acl != null)
+         {
+            entityManager.remove(acl);
+            // remove the ACL from the cache.
+            result = this.aclMap.remove(resource) != null;
+         }
+         transaction.commit();
+      }
+      catch (RuntimeException re)
+      {
+         re.printStackTrace();
+         transaction.rollback();
+      }
+      finally
+      {
+         entityManager.close();
+      }
+      return result;
+   }
+
+   /*
+    * (non-Javadoc)
+    * @see org.jboss.security.acl.ACLProvider#getACL(org.jboss.security.authorization.Resource)
+    */
+   public ACL getACL(Resource resource)
+   {
+      // check the cache first.
+      ACL acl = this.aclMap.get(resource);
+      if (acl == null)
+      {
+         EntityManager entityManager = this.factory.createEntityManager();
+         try
+         {
+            acl = this.findACLByResource(resource, entityManager);
+            if (acl != null)
+               this.aclMap.put(resource, acl);
+         }
+         finally
+         {
+            entityManager.close();
+         }
+      }
+      return acl;
+   }
+
+   /*
+    * (non-Javadoc)
+    * @see org.jboss.security.acl.ACLProvider#updateACL(org.jboss.security.acl.ACL)
+    */
+   public boolean updateACL(ACL acl)
+   {
+      if (((ACLImpl) acl).getACLId() == 0)
+         return false;
+
+      EntityManager entityManager = this.factory.createEntityManager();
+      EntityTransaction transaction = entityManager.getTransaction();
+      transaction.begin();
+      try
+      {
+         for (ACLEntry entry : acl.getEntries())
+         {
+            // persist the new entries that might have been added to the ACL.
+            ACLEntryImpl entryImpl = (ACLEntryImpl) entry;
+            if (entryImpl.getACLEntryId() == 0)
+               entityManager.persist(entryImpl);
+         }
+         // merge will take care of the entries that might have been removed.
+         entityManager.merge(acl);
+         // update the cache.
+         this.aclMap.put(acl.getResource(), acl);
+         transaction.commit();
+         return true;
+      }
+      catch (RuntimeException re)
+      {
+         re.printStackTrace();
+         transaction.rollback();
+      }
+      finally
+      {
+         entityManager.close();
+      }
+      return false;
+   }
+
+   /**
+    * <p>
+    * Searches the database for the {@code ACL} associated with the specified resource.
+    * </p>
+    * 
+    * @param resource   the {@code Resource} that is associated with the {@code ACL} being searched.
+    * @param entityManager  the {@code EntityManager} used to search the database.
+    * @return   the {@code ACL} retrieved from the database, or {@code null} if no {@code ACL} could be found.
+    */
+   private ACLImpl findACLByResource(Resource resource, EntityManager entityManager)
+   {
+      ACLImpl acl = null;
+      try
+      {
+         acl = (ACLImpl) entityManager.createQuery(
+               "SELECT a FROM ACLImpl a WHERE a.resourceAsString LIKE '" + Util.getResourceAsString(resource) + "'")
+               .getSingleResult();
+         acl.setResource(resource);
+      }
+      catch (NoResultException nre)
+      {
+         // ignore the exception when no ACL could be found for the given resource.
+      }
+      return acl;
+   }
+}

Deleted: projects/security/security-jboss-sx/trunk/acl/src/tests/org/jboss/test/security/acl/ACLProviderUnitTestCase.java
===================================================================
--- projects/security/security-jboss-sx/trunk/acl/src/tests/org/jboss/test/security/acl/ACLProviderUnitTestCase.java	2008-02-21 20:02:57 UTC (rev 70014)
+++ projects/security/security-jboss-sx/trunk/acl/src/tests/org/jboss/test/security/acl/ACLProviderUnitTestCase.java	2008-02-21 20:06:42 UTC (rev 70015)
@@ -1,187 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2005, JBoss Inc., and individual contributors as indicated
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.test.security.acl;
-
-import java.util.ArrayList;
-import java.util.Collection;
-
-import junit.framework.TestCase;
-
-import org.jboss.security.acl.ACL;
-import org.jboss.security.acl.ACLEntry;
-import org.jboss.security.acl.ACLEntryImpl;
-import org.jboss.security.acl.ACLImpl;
-import org.jboss.security.acl.ACLProvider;
-import org.jboss.security.acl.ACLProviderImpl;
-import org.jboss.security.acl.BasicACLPermission;
-import org.jboss.security.identity.plugins.IdentityFactory;
-
-/**
- * <p>
- * This {@code TestCase} tests the funcionality exposed by the {@code ACLProvider} 
- * interface
- * </p>
- * 
- * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
- */
-public class ACLProviderUnitTestCase extends TestCase
-{
-   private TestResource[] resources;
-
-   private Collection<ACL> createdACLs;
-
-   private ACLProvider provider;
-
-   @Override
-   protected void setUp() throws Exception
-   {
-      // create some test resources to be used by the tests.
-      this.resources = new TestResource[10];
-      for (int index = 0; index < this.resources.length; index++)
-         this.resources[index] = new TestResource(index + 1);
-      this.createdACLs = new ArrayList<ACL>();
-      this.provider = new ACLProviderImpl();
-   }
-
-   @Override
-   protected void tearDown() throws Exception
-   {
-      for (ACL acl : this.createdACLs)
-         this.provider.removeACL(acl);
-   }
-
-   /**
-    * <p>
-    * Tests the creation of ACLs for resources.
-    * </p>
-    * 
-    * @throws Exception if an error occurs when running the test.
-    */
-   public void testACLCreation() throws Exception
-   {
-      // assert no ACL exists for any of the resources.
-      for (int index = 0; index < this.resources.length; index++)
-         assertNull(this.provider.getACL(this.resources[index]));
-
-      // create ACLs for half of the resources.
-      for (int index = 0; index < this.resources.length / 2; index++)
-      {
-         ACL acl = this.provider.createACL(this.resources[index]);
-         this.createdACLs.add(acl);
-         assertNotNull(acl);
-         assertEquals("Unexpected entries found", 0, acl.getEntries().size());
-         assertEquals("Unexpected resource", this.resources[index], acl.getResource());
-      }
-
-      // assert no ACL still exists for the remaining resources.
-      int index = (this.resources.length / 2) + 1;
-      for (; index < this.resources.length; index++)
-         assertNull(this.provider.getACL(this.resources[index]));
-
-      // assert that an ACL cannot be created for a null resource.
-      boolean caughtException = false;
-      try
-      {
-         this.provider.createACL(null);
-      }
-      catch (IllegalArgumentException iae)
-      {
-         caughtException = true;
-      }
-      assertTrue("Expected exception not thrown", caughtException);
-   }
-
-   /**
-    * <p>
-    * Tests the update of existing ACLs.
-    * </p>
-    * 
-    * @throws Exception if an error occurs when running the test.
-    */
-   public void testACLUpdate() throws Exception
-   {
-      // create an empty ACL.
-      ACL acl = this.provider.createACL(this.resources[0]);
-      this.createdACLs.add(acl);
-      assertEquals("Unexpected entries found", 0, acl.getEntries().size());
-
-      // add some entries to the ACL.
-      int entriesNumber = 20;
-      for (int i = 0; i < entriesNumber; i++)
-      {
-         ACLEntry entry = new ACLEntryImpl(BasicACLPermission.CREATE, IdentityFactory.createIdentity("Identity" + i));
-         acl.addEntry(entry);
-      }
-      assertTrue("Failed to update the ACL", this.provider.updateACL(acl));
-
-      // retrieve the ACL again and check it has the added entries.
-      acl = this.provider.getACL(this.resources[0]);
-      assertEquals("Invalid number of entries", entriesNumber, acl.getEntries().size());
-
-      // now remove one of the entries.
-      ACLEntry entry = acl.getEntries().iterator().next();
-      acl.removeEntry(entry);
-      assertTrue("Failed to update the ACL", this.provider.updateACL(acl));
-
-      // retrieve the ACL again and check it has one less entry.
-      acl = this.provider.getACL(this.resources[0]);
-      assertEquals("Invalid number of entries", entriesNumber - 1, acl.getEntries().size());
-
-      // assert that update fails for an ACL not managed by the provider.
-      Collection<ACLEntry> entries = new ArrayList<ACLEntry>();
-      entries.add(new ACLEntryImpl(BasicACLPermission.UPDATE, IdentityFactory.createIdentity("Another Identity")));
-      ACL otherACL = new ACLImpl(this.resources[1], entries);
-      assertFalse(this.provider.updateACL(otherACL));
-   }
-
-   /**
-    * <p>
-    * Tests the removal of existing ACLs.
-    * </p>
-    * 
-    * @throws Exception if an error occurs when running the test.
-    */
-   public void testACLRemoval() throws Exception
-   {
-      ACL[] acls = new ACL[this.resources.length];
-      for (int index = 0; index < this.resources.length; index++)
-      {
-         acls[index] = this.provider.createACL(this.resources[index]);
-         this.createdACLs.add(acls[index]);
-      }
-
-      // remove some ACLs.
-      for (int index = 0; index < this.resources.length / 2; index++)
-      {
-         assertTrue(this.provider.removeACL(acls[index]));
-         // assert no ACL is associated to the resources anymore.
-         assertNull(this.provider.getACL(this.resources[index]));
-         // removing an ACL that is not managed anymore by the provider must return false.
-         assertFalse(this.provider.removeACL(acls[index]));
-      }
-
-      // assert the remaining resources are still associated with an ACL.
-      int index = (this.resources.length / 2) + 1;
-      for (; index < this.resources.length; index++)
-         assertNotNull(this.provider.getACL(this.resources[index]));
-   }
-}

Modified: projects/security/security-jboss-sx/trunk/acl/src/tests/org/jboss/test/security/acl/ACLUseTestCase.java
===================================================================
--- projects/security/security-jboss-sx/trunk/acl/src/tests/org/jboss/test/security/acl/ACLUseTestCase.java	2008-02-21 20:02:57 UTC (rev 70014)
+++ projects/security/security-jboss-sx/trunk/acl/src/tests/org/jboss/test/security/acl/ACLUseTestCase.java	2008-02-21 20:06:42 UTC (rev 70015)
@@ -27,14 +27,18 @@
 
 import junit.framework.TestCase;
 
-import org.jboss.security.acl.ACL;
 import org.jboss.security.acl.ACLEntry;
 import org.jboss.security.acl.ACLEntryImpl;
+import org.jboss.security.acl.ACLPersistenceStrategy;
 import org.jboss.security.acl.ACLProvider;
 import org.jboss.security.acl.ACLProviderImpl;
+import org.jboss.security.acl.ACLRegistration;
 import org.jboss.security.acl.BasicACLPermission;
 import org.jboss.security.acl.BitMaskPermission;
 import org.jboss.security.acl.CompositeACLPermission;
+import org.jboss.security.acl.JPAPersistenceStrategy;
+import org.jboss.security.authorization.AuthorizationException;
+import org.jboss.security.authorization.Resource;
 import org.jboss.security.identity.Identity;
 import org.jboss.security.identity.plugins.IdentityFactory;
 
@@ -55,12 +59,19 @@
 
    private Identity[] identities;
 
+   private ACLPersistenceStrategy strategy;
+
+   private ACLRegistration registration;
+
    private ACLProvider provider;
 
    @Override
    protected void setUp() throws Exception
    {
+      this.strategy = new JPAPersistenceStrategy();
+      this.registration = new TestACLRegistration(strategy);
       this.provider = new ACLProviderImpl();
+      this.provider.setPersistenceStrategy(strategy);
 
       // create the resources used in the tests.
       this.resources = new TestResource[TOTAL_RESOURCES];
@@ -76,7 +87,7 @@
       BitMaskPermission noPermission = new CompositeACLPermission();
       BitMaskPermission allPermission = new CompositeACLPermission(BasicACLPermission.values());
 
-      // create the ACLs for the resources.
+      // register the ACLs for the resources used by the tests.
       for (int i = 0; i < TOTAL_RESOURCES; i++)
       {
          Collection<ACLEntry> entries = new ArrayList<ACLEntry>();
@@ -96,18 +107,17 @@
                entries.add(new ACLEntryImpl(noPermission, this.identities[j]));
             }
          }
-         this.provider.createACL(this.resources[i], entries);
+         this.registration.registerACL(this.resources[i], entries);
       }
    }
 
-   //   @Override
-   //   protected void tearDown() throws Exception
-   //   {
-   //      for (TestResource resource : this.resources)
-   //         this.provider.removeACL(resource);
-   //      this.resources = null;
-   //      this.identities = null;
-   //   }
+   @Override
+   protected void tearDown() throws Exception
+   {
+      // deregisters the ACLs.
+      for (Resource resource : this.resources)
+         this.registration.deRegisterACL(resource);
+   }
 
    /**
     * <p>
@@ -153,22 +163,6 @@
          this.updateResource(resource, identity);
          assertEquals("Resource name hasn't changed as expected", "Changed Name", resource.getResourceName());
       }
-
-      // try to remove all "even" resources using an identity without removal permission. Note that identities[5] has all
-      // permissions, but only for the "odd" resources, so it should not be able to remove an "even" resource.
-      for (int index = 0; index < TOTAL_RESOURCES; index += 2)
-      {
-         this.removeResource(index, identity);
-         assertNotNull(this.resources[index]);
-      }
-
-      // repeat the test, this time using an identity with the removal permission.
-      identity = this.identities[0];
-      for (int index = 0; index < TOTAL_RESOURCES; index += 2)
-      {
-         this.removeResource(index, identity);
-         assertNull(this.resources[index]);
-      }
    }
 
    /**
@@ -182,13 +176,21 @@
    private TestResource[] filterResources(Identity identity)
    {
       List<TestResource> filteredResources = new ArrayList<TestResource>();
+      // iterate through the resources and add those that can be accessed by the identity.
       for (TestResource resource : this.resources)
       {
-         // first retrieve the ACL associated with the resource.
-         ACL acl = this.provider.getACL(resource);
-         // then check the identity has the READ permission on the resource.
-         if (acl.isGranted(BasicACLPermission.READ, identity))
+         boolean isGranted = false;
+         try
          {
+            // check the identity has the READ permission on the resource.
+            isGranted = this.provider.isAccessGranted(resource, identity, BasicACLPermission.READ);
+         }
+         catch (AuthorizationException ae)
+         {
+            fail("Unexpected exception: " + ae.getMessage());
+         }
+         if (isGranted)
+         {
             filteredResources.add(resource);
          }
       }
@@ -206,28 +208,17 @@
     */
    private void updateResource(TestResource resource, Identity identity)
    {
-      // update the resource's name, checking the identity's permission first.
-      ACL acl = this.provider.getACL(resource);
-      assertNotNull(acl);
-      if (acl.isGranted(BasicACLPermission.UPDATE, identity))
+      boolean isGranted = false;
+      try
+      {
+         isGranted = this.provider.isAccessGranted(resource, identity, BasicACLPermission.UPDATE);
+      }
+      catch (AuthorizationException ae)
+      {
+         fail("Unexpected exception: " + ae.getMessage());
+      }
+      if (isGranted)
          resource.setResourceName("Changed Name");
    }
 
-   /**
-    * <p>
-    * Utility method that uses ACLs to decide if the specified identity is allowed to remove the resource from
-    * the resources array.
-    * </p>
-    * 
-    * @param resourceIndex  the index of the {@code TestResource} to be removed in the resources array.
-    * @param identity   the {@code Identity} that wants to remove the resource.
-    */
-   private void removeResource(int resourceIndex, Identity identity)
-   {
-      // check the identity's permission.
-      ACL acl = this.provider.getACL(this.resources[resourceIndex]);
-      assertNotNull(acl);
-      if (acl.isGranted(BasicACLPermission.DELETE, identity))
-         this.resources[resourceIndex] = null;
-   }
 }

Copied: projects/security/security-jboss-sx/trunk/acl/src/tests/org/jboss/test/security/acl/JPAStrategyUnitTestCase.java (from rev 69795, projects/security/security-jboss-sx/trunk/acl/src/tests/org/jboss/test/security/acl/ACLProviderUnitTestCase.java)
===================================================================
--- projects/security/security-jboss-sx/trunk/acl/src/tests/org/jboss/test/security/acl/JPAStrategyUnitTestCase.java	                        (rev 0)
+++ projects/security/security-jboss-sx/trunk/acl/src/tests/org/jboss/test/security/acl/JPAStrategyUnitTestCase.java	2008-02-21 20:06:42 UTC (rev 70015)
@@ -0,0 +1,187 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2005, JBoss Inc., and individual contributors as indicated
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.test.security.acl;
+
+import java.util.ArrayList;
+import java.util.Collection;
+
+import junit.framework.TestCase;
+
+import org.jboss.security.acl.ACL;
+import org.jboss.security.acl.ACLEntry;
+import org.jboss.security.acl.ACLEntryImpl;
+import org.jboss.security.acl.ACLImpl;
+import org.jboss.security.acl.ACLPersistenceStrategy;
+import org.jboss.security.acl.BasicACLPermission;
+import org.jboss.security.acl.JPAPersistenceStrategy;
+import org.jboss.security.identity.plugins.IdentityFactory;
+
+/**
+ * <p>
+ * This {@code TestCase} tests the funcionality exposed by the {@code ACLProvider} 
+ * interface
+ * </p>
+ * 
+ * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
+ */
+public class JPAStrategyUnitTestCase extends TestCase
+{
+   private TestResource[] resources;
+
+   private Collection<ACL> createdACLs;
+
+   private ACLPersistenceStrategy strategy;
+
+   @Override
+   protected void setUp() throws Exception
+   {
+      // create some test resources to be used by the tests.
+      this.resources = new TestResource[10];
+      for (int index = 0; index < this.resources.length; index++)
+         this.resources[index] = new TestResource(index + 1);
+      this.createdACLs = new ArrayList<ACL>();
+      this.strategy = new JPAPersistenceStrategy();
+   }
+
+   @Override
+   protected void tearDown() throws Exception
+   {
+      for (ACL acl : this.createdACLs)
+         this.strategy.removeACL(acl);
+   }
+
+   /**
+    * <p>
+    * Tests the creation of ACLs for resources.
+    * </p>
+    * 
+    * @throws Exception if an error occurs when running the test.
+    */
+   public void testACLCreation() throws Exception
+   {
+      // assert no ACL exists for any of the resources.
+      for (int index = 0; index < this.resources.length; index++)
+         assertNull(this.strategy.getACL(this.resources[index]));
+
+      // create ACLs for half of the resources.
+      for (int index = 0; index < this.resources.length / 2; index++)
+      {
+         ACL acl = this.strategy.createACL(this.resources[index]);
+         this.createdACLs.add(acl);
+         assertNotNull(acl);
+         assertEquals("Unexpected entries found", 0, acl.getEntries().size());
+         assertEquals("Unexpected resource", this.resources[index], acl.getResource());
+      }
+
+      // assert no ACL still exists for the remaining resources.
+      int index = (this.resources.length / 2) + 1;
+      for (; index < this.resources.length; index++)
+         assertNull(this.strategy.getACL(this.resources[index]));
+
+      // assert that an ACL cannot be created for a null resource.
+      boolean caughtException = false;
+      try
+      {
+         this.strategy.createACL(null);
+      }
+      catch (IllegalArgumentException iae)
+      {
+         caughtException = true;
+      }
+      assertTrue("Expected exception not thrown", caughtException);
+   }
+
+   /**
+    * <p>
+    * Tests the update of existing ACLs.
+    * </p>
+    * 
+    * @throws Exception if an error occurs when running the test.
+    */
+   public void testACLUpdate() throws Exception
+   {
+      // create an empty ACL.
+      ACL acl = this.strategy.createACL(this.resources[0]);
+      this.createdACLs.add(acl);
+      assertEquals("Unexpected entries found", 0, acl.getEntries().size());
+
+      // add some entries to the ACL.
+      int entriesNumber = 20;
+      for (int i = 0; i < entriesNumber; i++)
+      {
+         ACLEntry entry = new ACLEntryImpl(BasicACLPermission.CREATE, IdentityFactory.createIdentity("Identity" + i));
+         acl.addEntry(entry);
+      }
+      assertTrue("Failed to update the ACL", this.strategy.updateACL(acl));
+
+      // retrieve the ACL again and check it has the added entries.
+      acl = this.strategy.getACL(this.resources[0]);
+      assertEquals("Invalid number of entries", entriesNumber, acl.getEntries().size());
+
+      // now remove one of the entries.
+      ACLEntry entry = acl.getEntries().iterator().next();
+      acl.removeEntry(entry);
+      assertTrue("Failed to update the ACL", this.strategy.updateACL(acl));
+
+      // retrieve the ACL again and check it has one less entry.
+      acl = this.strategy.getACL(this.resources[0]);
+      assertEquals("Invalid number of entries", entriesNumber - 1, acl.getEntries().size());
+
+      // assert that update fails for an ACL not managed by the strategy.
+      Collection<ACLEntry> entries = new ArrayList<ACLEntry>();
+      entries.add(new ACLEntryImpl(BasicACLPermission.UPDATE, IdentityFactory.createIdentity("Another Identity")));
+      ACL otherACL = new ACLImpl(this.resources[1], entries);
+      assertFalse(this.strategy.updateACL(otherACL));
+   }
+
+   /**
+    * <p>
+    * Tests the removal of existing ACLs.
+    * </p>
+    * 
+    * @throws Exception if an error occurs when running the test.
+    */
+   public void testACLRemoval() throws Exception
+   {
+      ACL[] acls = new ACL[this.resources.length];
+      for (int index = 0; index < this.resources.length; index++)
+      {
+         acls[index] = this.strategy.createACL(this.resources[index]);
+         this.createdACLs.add(acls[index]);
+      }
+
+      // remove some ACLs.
+      for (int index = 0; index < this.resources.length / 2; index++)
+      {
+         assertTrue(this.strategy.removeACL(acls[index]));
+         // assert no ACL is associated to the resources anymore.
+         assertNull(this.strategy.getACL(this.resources[index]));
+         // removing an ACL that is not managed anymore by the strategy must return false.
+         assertFalse(this.strategy.removeACL(acls[index]));
+      }
+
+      // assert the remaining resources are still associated with an ACL.
+      int index = (this.resources.length / 2) + 1;
+      for (; index < this.resources.length; index++)
+         assertNotNull(this.strategy.getACL(this.resources[index]));
+   }
+}

Added: projects/security/security-jboss-sx/trunk/acl/src/tests/org/jboss/test/security/acl/TestACLRegistration.java
===================================================================
--- projects/security/security-jboss-sx/trunk/acl/src/tests/org/jboss/test/security/acl/TestACLRegistration.java	                        (rev 0)
+++ projects/security/security-jboss-sx/trunk/acl/src/tests/org/jboss/test/security/acl/TestACLRegistration.java	2008-02-21 20:06:42 UTC (rev 70015)
@@ -0,0 +1,59 @@
+package org.jboss.test.security.acl;
+
+import java.util.Collection;
+
+import org.jboss.security.acl.ACLEntry;
+import org.jboss.security.acl.ACLPersistenceStrategy;
+import org.jboss.security.acl.ACLRegistration;
+import org.jboss.security.authorization.Resource;
+
+/**
+ * <p>
+ * A simple implementation of {@code ACLRegistration} for tests purposes. It uses a {@code ACLPersistenceStrategy}
+ * to persist/remove the {@code ACL}s upon registration/deregistration.
+ * </p>
+ * 
+ * @author <a href="mailto:sguilhen at redhat.com">Stefan Guilhen</a>
+ */
+public class TestACLRegistration implements ACLRegistration
+{
+
+   private final ACLPersistenceStrategy strategy;
+
+   /**
+    * <p>
+    * Builds an instance of {@code TestACLRegistration}.
+    * </p>
+    * 
+    * @param strategy   the {@code ACLPersistenceStrategy} to be used by this implementation.
+    */
+   public TestACLRegistration(ACLPersistenceStrategy strategy)
+   {
+      this.strategy = strategy;
+   }
+
+   /**
+    * @see org.jboss.security.acl.ACLRegistration#deRegisterACL(org.jboss.security.authorization.Resource)
+    */
+   public void deRegisterACL(Resource resource)
+   {
+      this.strategy.removeACL(resource);
+   }
+
+   /**
+    * @see org.jboss.security.acl.ACLRegistration#registerACL(org.jboss.security.authorization.Resource)
+    */
+   public void registerACL(Resource resource)
+   {
+      this.strategy.createACL(resource);
+   }
+
+   /**
+    * @see org.jboss.security.acl.ACLRegistration#registerACL(org.jboss.security.authorization.Resource, java.util.Collection)
+    */
+   public void registerACL(Resource resource, Collection<ACLEntry> entries)
+   {
+      this.strategy.createACL(resource, entries);
+   }
+
+}




More information about the jboss-cvs-commits mailing list