[jboss-svn-commits] JBL Code SVN: r36353 - labs/jbossrules/trunk/drools-guvnor/src/test/java/org/drools/guvnor/server/security.
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Fri Dec 10 10:56:21 EST 2010
Author: tsurdilovic
Date: 2010-12-10 10:56:20 -0500 (Fri, 10 Dec 2010)
New Revision: 36353
Added:
labs/jbossrules/trunk/drools-guvnor/src/test/java/org/drools/guvnor/server/security/RoleBasedPermissionResolverTest.java
Log:
moved test to org.drools.guvnor.server
Copied: labs/jbossrules/trunk/drools-guvnor/src/test/java/org/drools/guvnor/server/security/RoleBasedPermissionResolverTest.java (from rev 36346, labs/jbossrules/trunk/drools-guvnor/src/test/java/org/jboss/seam/security/permission/RoleBasedPermissionResolverTest.java)
===================================================================
--- labs/jbossrules/trunk/drools-guvnor/src/test/java/org/drools/guvnor/server/security/RoleBasedPermissionResolverTest.java (rev 0)
+++ labs/jbossrules/trunk/drools-guvnor/src/test/java/org/drools/guvnor/server/security/RoleBasedPermissionResolverTest.java 2010-12-10 15:56:20 UTC (rev 36353)
@@ -0,0 +1,598 @@
+/**
+ * Copyright 2010 JBoss Inc
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.drools.guvnor.server.security;
+
+/*
+ * Copyright 2005 JBoss Inc
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.drools.guvnor.server.security.RoleBasedPermissionResolver;
+import org.drools.guvnor.server.ServiceImplementation;
+import org.drools.guvnor.server.security.CategoryPathType;
+import org.drools.guvnor.server.security.PackageNameType;
+import org.drools.guvnor.server.security.RoleBasedPermission;
+import org.drools.guvnor.server.security.RoleBasedPermissionManager;
+import org.drools.guvnor.server.security.RoleTypes;
+import org.drools.guvnor.server.security.WebDavPackageNameType;
+import org.drools.guvnor.server.util.TestEnvironmentSessionHelper;
+import org.drools.repository.RulesRepository;
+import org.jboss.seam.contexts.Contexts;
+import org.jboss.seam.contexts.Lifecycle;
+import org.junit.Test;
+
+public class RoleBasedPermissionResolverTest {
+
+ public void testDummy() throws Exception {
+ assertTrue( true );
+ }
+
+ @Test
+ public void testCategoryBasedPermissionAnalyst() throws Exception {
+ //NOTE: Have to have this call, otherwise this test will fail others tests. Seems to be related to
+ //how Seam context initializes the JCR repository, but dont know the exact cause yet.
+ ServiceImplementation impl = new ServiceImplementation();
+ impl.repository = new RulesRepository(TestEnvironmentSessionHelper
+ .getSession());
+
+ //Mock up SEAM contexts
+ Map<String, Object> application = new HashMap<String, Object>();
+ Lifecycle.beginApplication( application );
+ Lifecycle.beginCall();
+ MockIdentity midentity = new MockIdentity();
+ Contexts.getSessionContext().set( "org.jboss.seam.security.identity",
+ midentity );
+ String package1Name = "testCategoryBasedPermissionAnalystPackageName1";
+ String package2Name = "testCategoryBasedPermissionAnalystPackageName2";
+
+ List<RoleBasedPermission> pbps = new ArrayList<RoleBasedPermission>();
+ pbps.add( new RoleBasedPermission( "jervis",
+ RoleTypes.PACKAGE_ADMIN,
+ package1Name,
+ null ) );
+ pbps.add( new RoleBasedPermission( "jervis",
+ RoleTypes.PACKAGE_READONLY,
+ package2Name,
+ null ) );
+ pbps.add( new RoleBasedPermission( "jervis",
+ RoleTypes.ANALYST,
+ null,
+ "category1" ) );
+ pbps.add( new RoleBasedPermission( "jervis",
+ RoleTypes.ANALYST,
+ null,
+ "category2" ) );
+ MockRoleBasedPermissionStore store = new MockRoleBasedPermissionStore( pbps );
+ Contexts.getSessionContext().set( "org.drools.guvnor.server.security.RoleBasedPermissionStore",
+ store );
+
+ // Put permission list in session.
+ RoleBasedPermissionManager testManager = new RoleBasedPermissionManager();
+ testManager.create();
+ Contexts.getSessionContext().set( "roleBasedPermissionManager",
+ testManager );
+
+ RoleBasedPermissionResolver resolver = new RoleBasedPermissionResolver();
+ resolver.setEnableRoleBasedAuthorization( true );
+
+ assertTrue( resolver.hasPermission( new CategoryPathType( "category1" ),
+ null ) );
+ assertTrue( resolver.hasPermission( new CategoryPathType( "category2" ),
+ null ) );
+ assertFalse( resolver.hasPermission( new CategoryPathType( "category3/category3" ),
+ null ) );
+ assertTrue( resolver.hasPermission( new CategoryPathType( "/category1/category2" ),
+ null ) );
+
+ assertTrue( resolver.hasPermission( new CategoryPathType( "category2" ),
+ RoleTypes.ANALYST ) );
+ assertTrue( resolver.hasPermission( new CategoryPathType( "category2" ),
+ RoleTypes.ANALYST_READ ) );
+
+ assertFalse( resolver.hasPermission( new CategoryPathType( "category3/category3" ),
+ RoleTypes.ANALYST ) );
+ assertFalse( resolver.hasPermission( new CategoryPathType( "category3/category3" ),
+ RoleTypes.ANALYST_READ ) );
+
+ //Lifecycle.endCall();
+ Lifecycle.endApplication();
+ }
+
+ @Test
+ public void testCategoryBasedPermissionAnalystReadOnly() throws Exception {
+ // Mock up SEAM contexts
+ Map<String, Object> application = new HashMap<String, Object>();
+ Lifecycle.beginApplication( application );
+ Lifecycle.beginCall();
+ MockIdentity midentity = new MockIdentity();
+ Contexts.getSessionContext().set( "org.jboss.seam.security.identity",
+ midentity );
+ String package1Name = "testCategoryBasedPermissionAnalystPackageName1";
+ String package2Name = "testCategoryBasedPermissionAnalystPackageName2";
+
+ String categoryPath = "category1";
+ String categoryPath2 = "category2";
+
+ List<RoleBasedPermission> pbps = new ArrayList<RoleBasedPermission>();
+ pbps.add( new RoleBasedPermission( "jervis",
+ RoleTypes.PACKAGE_ADMIN,
+ package1Name,
+ null ) );
+ pbps.add( new RoleBasedPermission( "jervis",
+ RoleTypes.PACKAGE_READONLY,
+ package2Name,
+ null ) );
+ pbps.add( new RoleBasedPermission( "jervis",
+ RoleTypes.ANALYST_READ,
+ null,
+ categoryPath ) );
+ pbps.add( new RoleBasedPermission( "jervis",
+ RoleTypes.ANALYST,
+ null,
+ categoryPath2 ) );
+ MockRoleBasedPermissionStore store = new MockRoleBasedPermissionStore( pbps );
+ Contexts.getSessionContext().set( "org.drools.guvnor.server.security.RoleBasedPermissionStore",
+ store );
+
+ // Put permission list in session.
+ RoleBasedPermissionManager testManager = new RoleBasedPermissionManager();
+ testManager.create();
+ Contexts.getSessionContext().set( "roleBasedPermissionManager",
+ testManager );
+
+ RoleBasedPermissionResolver resolver = new RoleBasedPermissionResolver();
+ resolver.setEnableRoleBasedAuthorization( true );
+
+ assertFalse( resolver.hasPermission( new CategoryPathType( categoryPath ),
+ null ) );
+ assertTrue( resolver.hasPermission( new CategoryPathType( categoryPath2 ),
+ null ) );
+ assertFalse( resolver.hasPermission( new CategoryPathType( "category3/category3" ),
+ null ) );
+ assertTrue( resolver.hasPermission( new CategoryPathType( categoryPath ),
+ RoleTypes.ANALYST_READ ) );
+ assertFalse( resolver.hasPermission( new CategoryPathType( categoryPath ),
+ RoleTypes.ANALYST ) );
+
+ assertTrue( resolver.hasPermission( new CategoryPathType( categoryPath2 ),
+ RoleTypes.ANALYST ) );
+ assertTrue( resolver.hasPermission( new CategoryPathType( categoryPath2 ),
+ RoleTypes.ANALYST_READ ) );
+
+ Lifecycle.endApplication();
+ }
+
+ @Test
+ public void testCategoryBasedPermissionAnalystReadOnly2() throws Exception {
+ // Mock up SEAM contexts
+ Map<String, Object> application = new HashMap<String, Object>();
+ Lifecycle.beginApplication( application );
+ Lifecycle.beginCall();
+ MockIdentity midentity = new MockIdentity();
+ Contexts.getSessionContext().set( "org.jboss.seam.security.identity",
+ midentity );
+
+ String categoryPath = "category1";
+
+ List<RoleBasedPermission> pbps = new ArrayList<RoleBasedPermission>();
+ pbps.add( new RoleBasedPermission( "jervis",
+ RoleTypes.ANALYST_READ,
+ null,
+ categoryPath ) );
+ MockRoleBasedPermissionStore store = new MockRoleBasedPermissionStore( pbps );
+ Contexts.getSessionContext().set( "org.drools.guvnor.server.security.RoleBasedPermissionStore",
+ store );
+
+ // Put permission list in session.
+ RoleBasedPermissionManager testManager = new RoleBasedPermissionManager();
+ testManager.create();
+ Contexts.getSessionContext().set( "roleBasedPermissionManager",
+ testManager );
+
+ RoleBasedPermissionResolver resolver = new RoleBasedPermissionResolver();
+ resolver.setEnableRoleBasedAuthorization( true );
+
+ assertTrue( resolver.hasPermission( new CategoryPathType( categoryPath ),
+ RoleTypes.ANALYST_READ ) );
+ assertFalse( resolver.hasPermission( new CategoryPathType( categoryPath ),
+ RoleTypes.ANALYST ) );
+
+ Lifecycle.endApplication();
+ }
+
+ @Test
+ public void testIsSubPath() {
+ RoleBasedPermissionResolver pr = new RoleBasedPermissionResolver();
+ assertTrue( pr.isSubPath( "foo",
+ "foo/bar" ) );
+ assertTrue( pr.isSubPath( "foo",
+ "/foo/bar" ) );
+ assertTrue( pr.isSubPath( "/foo/bar",
+ "/foo/bar" ) );
+ assertFalse( pr.isSubPath( "/foo/bar",
+ "foo" ) );
+
+ assertTrue( pr.isSubPath( "foo",
+ "foo/bar/baz" ) );
+ assertTrue( pr.isSubPath( "foo/bar",
+ "foo/bar/baz" ) );
+ assertFalse( pr.isSubPath( "wang",
+ "foo/bar/baz" ) );
+ assertFalse( pr.isSubPath( "wang/whee",
+ "foo/bar/baz" ) );
+
+ assertFalse( pr.isSubPath( "foo1",
+ "foo2" ) );
+ assertTrue( pr.isSubPath( "foo1",
+ "foo1" ) );
+ }
+
+ @Test
+ /**
+ * This tests that we can navigate the tree if we have sub path permissions.
+ */
+ public void testCategoryBasedSubPerms() throws Exception {
+ //Mock up SEAM contexts
+ Map<String, Object> application = new HashMap<String, Object>();
+ Lifecycle.beginApplication( application );
+ Lifecycle.beginCall();
+ MockIdentity midentity = new MockIdentity();
+ Contexts.getSessionContext().set( "org.jboss.seam.security.identity",
+ midentity );
+
+ List<RoleBasedPermission> pbps = new ArrayList<RoleBasedPermission>();
+ pbps.add( new RoleBasedPermission( "jervis",
+ RoleTypes.ANALYST_READ,
+ null,
+ "category1/sub1" ) );
+ pbps.add( new RoleBasedPermission( "jervis",
+ RoleTypes.ANALYST,
+ null,
+ "category2/sub1/sub2" ) );
+ pbps.add( new RoleBasedPermission( "jervis",
+ RoleTypes.ANALYST,
+ null,
+ "category4" ) );
+ MockRoleBasedPermissionStore store = new MockRoleBasedPermissionStore( pbps );
+ Contexts.getSessionContext().set( "org.drools.guvnor.server.security.RoleBasedPermissionStore",
+ store );
+
+ // Put permission list in session.
+ RoleBasedPermissionManager testManager = new RoleBasedPermissionManager();
+ testManager.create();
+ Contexts.getSessionContext().set( "roleBasedPermissionManager",
+ testManager );
+
+ RoleBasedPermissionResolver resolver = new RoleBasedPermissionResolver();
+ resolver.setEnableRoleBasedAuthorization( true );
+
+ assertFalse( resolver.hasPermission( new CategoryPathType( "category1" ),
+ null ) );
+ assertFalse( resolver.hasPermission( new CategoryPathType( "category2" ),
+ null ) );
+ assertFalse( resolver.hasPermission( new CategoryPathType( "category1" ),
+ RoleTypes.ANALYST_READ ) );
+ assertFalse( resolver.hasPermission( new CategoryPathType( "category2/sub1" ),
+ RoleTypes.ANALYST_READ ) );
+ assertFalse( resolver.hasPermission( new CategoryPathType( "category1" ),
+ RoleTypes.ANALYST ) );
+
+ assertTrue( resolver.hasPermission( new CategoryPathType( "category1/sub1" ),
+ RoleTypes.ANALYST_READ ) );
+ assertTrue( resolver.hasPermission( new CategoryPathType( "category2/sub1/sub2" ),
+ RoleTypes.ANALYST ) );
+ assertTrue( resolver.hasPermission( new CategoryPathType( "category2/sub1/sub2" ),
+ null ) );
+
+ assertTrue( resolver.hasPermission( new CategoryPathType( "category4" ),
+ "navigate" ) );
+ assertTrue( resolver.hasPermission( new CategoryPathType( "category1" ),
+ "navigate" ) );
+ assertTrue( resolver.hasPermission( new CategoryPathType( "category2" ),
+ "navigate" ) );
+ assertTrue( resolver.hasPermission( new CategoryPathType( "category1/sub1" ),
+ "navigate" ) );
+ assertTrue( resolver.hasPermission( new CategoryPathType( "category2/sub1" ),
+ "navigate" ) );
+ assertTrue( resolver.hasPermission( new CategoryPathType( "category1/sub1/sub2" ),
+ "navigate" ) );
+ assertFalse( resolver.hasPermission( new CategoryPathType( "category3" ),
+ "navigate" ) );
+ Lifecycle.endApplication();
+
+ }
+
+ @Test
+ //admin: everything
+ public void testPackageBasedPermissionAdmin() throws Exception {
+ //Mock up SEAM contexts
+ Map<String, Object> application = new HashMap<String, Object>();
+ Lifecycle.beginApplication( application );
+ Lifecycle.beginCall();
+ MockIdentity midentity = new MockIdentity();
+ Contexts.getSessionContext().set( "org.jboss.seam.security.identity",
+ midentity );
+ String package1Name = "testPackageBasedPermissionAdminPackageName1";
+ String package2Name = "testPackageBasedPermissionAdminPackageName2";
+
+ List<RoleBasedPermission> pbps = new ArrayList<RoleBasedPermission>();
+ pbps.add( new RoleBasedPermission( "jervis",
+ RoleTypes.ADMIN,
+ package1Name,
+ null ) );
+ pbps.add( new RoleBasedPermission( "jervis",
+ RoleTypes.PACKAGE_READONLY,
+ package2Name,
+ null ) );
+ MockRoleBasedPermissionStore store = new MockRoleBasedPermissionStore( pbps );
+ Contexts.getSessionContext().set( "org.drools.guvnor.server.security.RoleBasedPermissionStore",
+ store );
+
+ // Put permission list in session.
+ RoleBasedPermissionManager testManager = new RoleBasedPermissionManager();
+ testManager.create();
+ Contexts.getSessionContext().set( "roleBasedPermissionManager",
+ testManager );
+
+ RoleBasedPermissionResolver resolver = new RoleBasedPermissionResolver();
+ resolver.setEnableRoleBasedAuthorization( true );
+
+ assertTrue( resolver.hasPermission( new PackageNameType( package1Name ),
+ RoleTypes.ADMIN ) );
+ assertTrue( resolver.hasPermission( new PackageNameType( package2Name ),
+ RoleTypes.ADMIN ) );
+
+ Lifecycle.endApplication();
+ }
+
+ @Test
+ //Package.admin: everything for that package, including creating snapshots for that package.
+ public void testPackageBasedPermissionPackageAdmin() throws Exception {
+ //Mock up SEAM contexts
+ Map<String, Object> application = new HashMap<String, Object>();
+ Lifecycle.beginApplication( application );
+ Lifecycle.beginCall();
+ MockIdentity midentity = new MockIdentity();
+ Contexts.getSessionContext().set( "org.jboss.seam.security.identity",
+ midentity );
+
+ String packageName = "testPackageBasedPermissionPackageAdminPackageName";
+
+ List<RoleBasedPermission> pbps = new ArrayList<RoleBasedPermission>();
+ pbps.add( new RoleBasedPermission( "jervis",
+ RoleTypes.PACKAGE_ADMIN,
+ packageName,
+ null ) );
+ MockRoleBasedPermissionStore store = new MockRoleBasedPermissionStore( pbps );
+ Contexts.getSessionContext().set( "org.drools.guvnor.server.security.RoleBasedPermissionStore",
+ store );
+
+ // Put permission list in session.
+ RoleBasedPermissionManager testManager = new RoleBasedPermissionManager();
+ testManager.create();
+ Contexts.getSessionContext().set( "roleBasedPermissionManager",
+ testManager );
+
+ RoleBasedPermissionResolver resolver = new RoleBasedPermissionResolver();
+ resolver.setEnableRoleBasedAuthorization( true );
+
+ assertTrue( resolver.hasPermission( new PackageNameType( packageName ),
+ RoleTypes.PACKAGE_ADMIN ) );
+ assertTrue( resolver.hasPermission( new PackageNameType( packageName ),
+ RoleTypes.PACKAGE_DEVELOPER ) );
+ assertTrue( resolver.hasPermission( new PackageNameType( packageName ),
+ RoleTypes.PACKAGE_READONLY ) );
+
+ assertFalse( resolver.hasPermission( "47982482-7912-4881-97ec-e852494383d7",
+ RoleTypes.PACKAGE_READONLY ) );
+
+ Lifecycle.endApplication();
+ }
+
+ @Test
+ //Package.admin: everything for that package, including creating snapshots for that package.
+ public void testPackageBasedWebDavPermissionPackageAdmin() throws Exception {
+ //Mock up SEAM contexts
+ Map<String, Object> application = new HashMap<String, Object>();
+ Lifecycle.beginApplication( application );
+ Lifecycle.beginCall();
+ MockIdentity midentity = new MockIdentity();
+ Contexts.getSessionContext().set( "org.jboss.seam.security.identity",
+ midentity );
+
+ String packageName = "testPackageBasedWebDavPermissionPackageAdmin";
+
+ List<RoleBasedPermission> pbps = new ArrayList<RoleBasedPermission>();
+ pbps.add( new RoleBasedPermission( "analyst",
+ RoleTypes.ANALYST,
+ packageName,
+ null ) );
+ MockRoleBasedPermissionStore store = new MockRoleBasedPermissionStore( pbps );
+ Contexts.getSessionContext().set( "org.drools.guvnor.server.security.RoleBasedPermissionStore",
+ store );
+
+ // Put permission list in session.
+ RoleBasedPermissionManager testManager = new RoleBasedPermissionManager();
+ testManager.create();
+ Contexts.getSessionContext().set( "roleBasedPermissionManager",
+ testManager );
+
+ RoleBasedPermissionResolver resolver = new RoleBasedPermissionResolver();
+ resolver.setEnableRoleBasedAuthorization( true );
+ assertFalse( resolver.hasPermission( new WebDavPackageNameType( packageName ),
+ RoleTypes.ANALYST ) );
+ assertFalse( resolver.hasPermission( new WebDavPackageNameType( packageName ),
+ RoleTypes.ANALYST_READ ) );
+
+ assertFalse( resolver.hasPermission( "47982482-7912-4881-97ec-e852494383d7",
+ RoleTypes.PACKAGE_READONLY ) );
+
+ Lifecycle.endApplication();
+ }
+
+ @Test
+ //Package.developer: everything for that package, NOT snapshots (can view snapshots of that package only)
+ public void testPackageBasedPermissionPackageDeveloper() throws Exception {
+ //Mock up SEAM contexts
+ Map<String, Object> application = new HashMap<String, Object>();
+ Lifecycle.beginApplication( application );
+ Lifecycle.beginCall();
+ MockIdentity midentity = new MockIdentity();
+ Contexts.getSessionContext().set( "org.jboss.seam.security.identity",
+ midentity );
+ String package1Name = "testPackageBasedPermissionPackageDeveloperPackageName1";
+ String package2Name = "testPackageBasedPermissionPackageDeveloperPackageName2";
+
+ List<RoleBasedPermission> pbps = new ArrayList<RoleBasedPermission>();
+ pbps.add( new RoleBasedPermission( "jervis",
+ RoleTypes.PACKAGE_DEVELOPER,
+ package1Name,
+ null ) );
+ MockRoleBasedPermissionStore store = new MockRoleBasedPermissionStore( pbps );
+ Contexts.getSessionContext().set( "org.drools.guvnor.server.security.RoleBasedPermissionStore",
+ store );
+
+ // Put permission list in session.
+ RoleBasedPermissionManager testManager = new RoleBasedPermissionManager();
+ testManager.create();
+ Contexts.getSessionContext().set( "roleBasedPermissionManager",
+ testManager );
+
+ RoleBasedPermissionResolver resolver = new RoleBasedPermissionResolver();
+ resolver.setEnableRoleBasedAuthorization( true );
+
+ assertFalse( resolver.hasPermission( new PackageNameType( package1Name ),
+ RoleTypes.PACKAGE_ADMIN ) );
+ assertTrue( resolver.hasPermission( new PackageNameType( package1Name ),
+ RoleTypes.PACKAGE_DEVELOPER ) );
+ assertTrue( resolver.hasPermission( new PackageNameType( package1Name ),
+ RoleTypes.PACKAGE_READONLY ) );
+
+ assertFalse( resolver.hasPermission( package2Name,
+ RoleTypes.PACKAGE_READONLY ) );
+
+ Lifecycle.endApplication();
+ }
+
+ @Test
+ //Package.readonly: read only as the name suggested
+ public void testPackageBasedPermissionPackageReadOnly() throws Exception {
+ //Mock up SEAM contexts
+ Map<String, Object> application = new HashMap<String, Object>();
+ Lifecycle.beginApplication( application );
+ Lifecycle.beginCall();
+ MockIdentity midentity = new MockIdentity();
+ Contexts.getSessionContext().set( "org.jboss.seam.security.identity",
+ midentity );
+ String package1Name = "testPackageBasedPermissionPackageReadOnlyPackageName1";
+ String package2Name = "testPackageBasedPermissionPackageReadOnlyPackageName2";
+
+ List<RoleBasedPermission> pbps = new ArrayList<RoleBasedPermission>();
+ pbps.add( new RoleBasedPermission( "jervis",
+ RoleTypes.PACKAGE_READONLY,
+ package1Name,
+ null ) );
+ MockRoleBasedPermissionStore store = new MockRoleBasedPermissionStore( pbps );
+ Contexts.getSessionContext().set( "org.drools.guvnor.server.security.RoleBasedPermissionStore",
+ store );
+
+ // Put permission list in session.
+ RoleBasedPermissionManager testManager = new RoleBasedPermissionManager();
+ testManager.create();
+ Contexts.getSessionContext().set( "roleBasedPermissionManager",
+ testManager );
+
+ RoleBasedPermissionResolver resolver = new RoleBasedPermissionResolver();
+ resolver.setEnableRoleBasedAuthorization( true );
+
+ assertFalse( resolver.hasPermission( new PackageNameType( package1Name ),
+ RoleTypes.PACKAGE_DEVELOPER ) );
+ assertFalse( resolver.hasPermission( new PackageNameType( package1Name ),
+ RoleTypes.PACKAGE_DEVELOPER ) );
+ assertTrue( resolver.hasPermission( new PackageNameType( package1Name ),
+ RoleTypes.PACKAGE_READONLY ) );
+
+ assertFalse( resolver.hasPermission( package2Name,
+ RoleTypes.PACKAGE_READONLY ) );
+
+ Lifecycle.endApplication();
+ }
+
+ @Test
+ public void testPackageBasedPermissionAnalyst() throws Exception {
+ //Mock up SEAM contexts
+ Map<String, Object> application = new HashMap<String, Object>();
+ Lifecycle.beginApplication( application );
+ Lifecycle.beginCall();
+ MockIdentity midentity = new MockIdentity();
+ Contexts.getSessionContext().set( "org.jboss.seam.security.identity",
+ midentity );
+ String package1Name = "testPackageBasedPermissionAnalystPackageName1";
+ String package2Name = "testPackageBasedPermissionAnalystPackageName2";
+
+ List<RoleBasedPermission> pbps = new ArrayList<RoleBasedPermission>();
+ pbps.add( new RoleBasedPermission( "jervis",
+ RoleTypes.PACKAGE_READONLY,
+ package1Name,
+ null ) );
+ pbps.add( new RoleBasedPermission( "jervis",
+ RoleTypes.ANALYST,
+ null,
+ "category1" ) );
+ MockRoleBasedPermissionStore store = new MockRoleBasedPermissionStore( pbps );
+ Contexts.getSessionContext().set( "org.drools.guvnor.server.security.RoleBasedPermissionStore",
+ store );
+
+ // Put permission list in session.
+ RoleBasedPermissionManager testManager = new RoleBasedPermissionManager();
+ testManager.create();
+ Contexts.getSessionContext().set( "roleBasedPermissionManager",
+ testManager );
+
+ RoleBasedPermissionResolver resolver = new RoleBasedPermissionResolver();
+ resolver.setEnableRoleBasedAuthorization( true );
+
+ assertFalse( resolver.hasPermission( new PackageNameType( package1Name ),
+ RoleTypes.ANALYST ) );
+ assertFalse( resolver.hasPermission( new PackageNameType( package2Name ),
+ RoleTypes.ANALYST ) );
+ assertTrue( resolver.hasPermission( new CategoryPathType( "category1" ),
+ RoleTypes.ANALYST ) );
+
+ Lifecycle.endApplication();
+ }
+
+}
More information about the jboss-svn-commits
mailing list