[portal-commits] JBoss Portal SVN: r11803 - in modules/cms/trunk/cms-jackrabbit/src: test/java/org/jboss/portal/cms/test/security and 1 other directories.
portal-commits at lists.jboss.org
portal-commits at lists.jboss.org
Thu Sep 4 08:28:53 EDT 2008
Author: thomas.heute at jboss.com
Date: 2008-09-04 08:28:53 -0400 (Thu, 04 Sep 2008)
New Revision: 11803
Added:
modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/security/DummyCommand.java
modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/security/TestACLEnforcer.java
modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/security/TestAuthorizationManagerImpl.java
modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/security/TestNewReadCommand.java
Modified:
modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/ACLEnforcer.java
modules/cms/trunk/cms-jackrabbit/src/test/resources/jboss-unit.xml
Log:
Merging old cms with CMS module
Modified: modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/ACLEnforcer.java
===================================================================
--- modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/ACLEnforcer.java 2008-09-04 11:29:22 UTC (rev 11802)
+++ modules/cms/trunk/cms-jackrabbit/src/main/java/org/jboss/portal/cms/impl/jcr/command/ACLEnforcer.java 2008-09-04 12:28:53 UTC (rev 11803)
@@ -196,7 +196,7 @@
* @param command
* @return
*/
- private boolean hasReadAccess(User user, JCRCommand command)
+ protected boolean hasReadAccess(User user, JCRCommand command)
{
boolean hasReadAccess = false;
@@ -217,9 +217,12 @@
{
path = ((FileGetListCommand)command).sFilePath;
}
+
+ if (path != null)
+ {
+ hasReadAccess = this.hasReadAccess(user, path);
+ }
- hasReadAccess = this.hasReadAccess(user, path);
-
return hasReadAccess;
}
@@ -229,7 +232,7 @@
* @param path
* @return
*/
- private boolean hasReadAccess(User user, String path)
+ protected boolean hasReadAccess(User user, String path)
{
boolean hasAccess = this.computeAccess(user, path, "read");
if (!hasAccess)
@@ -250,7 +253,7 @@
* @param command
* @return
*/
- private boolean hasWriteAccess(User user, JCRCommand command)
+ protected boolean hasWriteAccess(User user, JCRCommand command)
{
boolean hasWriteAccess = false;
@@ -284,11 +287,14 @@
path = ((UpdateFileCommand)command).getPath();
}
- hasWriteAccess = this.computeAccess(user, path, "write");
- if (!hasWriteAccess)
+ if (path != null)
{
- //make sure implied manage is not available
- hasWriteAccess = this.computeAccess(user, path, "manage");
+ hasWriteAccess = this.computeAccess(user, path, "write");
+ if (!hasWriteAccess)
+ {
+ //make sure implied manage is not available
+ hasWriteAccess = this.computeAccess(user, path, "manage");
+ }
}
return hasWriteAccess;
@@ -300,7 +306,7 @@
* @param path
* @return
*/
- private boolean hasWriteAccess(User user, String path)
+ protected boolean hasWriteAccess(User user, String path)
{
boolean hasAccess = this.computeAccess(user, path, "write");
if (!hasAccess)
@@ -316,7 +322,7 @@
* @param command
* @return
*/
- private boolean hasManageAccess(User user, JCRCommand command)
+ protected boolean hasManageAccess(User user, JCRCommand command)
{
boolean hasManageAccess = false;
@@ -353,7 +359,7 @@
/**
*
*/
- private boolean computeAccess(User user, String path, String action)
+ protected boolean computeAccess(User user, String path, String action)
{
boolean hasAccess = false;
Added: modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/security/DummyCommand.java
===================================================================
--- modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/security/DummyCommand.java (rev 0)
+++ modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/security/DummyCommand.java 2008-09-04 12:28:53 UTC (rev 11803)
@@ -0,0 +1,50 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.portal.cms.test.security;
+
+import org.jboss.portal.cms.CMSException;
+import org.jboss.portal.cms.impl.jcr.JCRCommand;
+
+/**
+ * @author <a href="mailto:theute at jboss.org">Thomas Heute</a>
+ * @version $Revision$
+ */
+public class DummyCommand extends JCRCommand
+{
+ public String path;
+
+ public DummyCommand(String path)
+ {
+ this.path = path;
+ }
+
+ @Override
+ public Object execute() throws CMSException
+ {
+ System.out.println(path);
+ return null;
+ }
+
+
+}
+
Added: modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/security/TestACLEnforcer.java
===================================================================
--- modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/security/TestACLEnforcer.java (rev 0)
+++ modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/security/TestACLEnforcer.java 2008-09-04 12:28:53 UTC (rev 11803)
@@ -0,0 +1,60 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.portal.cms.test.security;
+
+import org.jboss.portal.cms.impl.jcr.JCRCommand;
+import org.jboss.portal.cms.impl.jcr.command.ACLEnforcer;
+import org.jboss.portal.cms.security.AuthorizationManager;
+import org.jboss.portal.identity.User;
+
+/**
+ * @author <a href="mailto:theute at jboss.org">Thomas Heute</a>
+ * @version $Revision$
+ */
+public class TestACLEnforcer extends ACLEnforcer
+{
+ public TestACLEnforcer(AuthorizationManager authorizationManager)
+ {
+ super(authorizationManager);
+ addACLCommand(Type.READ, DummyCommand.class.getName());
+ }
+
+ protected boolean hasReadAccess(User user, JCRCommand command)
+ {
+ boolean hasReadAccess = super.hasReadAccess(user, command);
+
+ String path = null;
+ if (command instanceof DummyCommand)
+ {
+ path = ((DummyCommand)command).path;
+ }
+
+ if (path != null)
+ {
+ hasReadAccess = this.hasReadAccess(user, path);
+ }
+
+ return hasReadAccess;
+ }
+}
+
Added: modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/security/TestAuthorizationManagerImpl.java
===================================================================
--- modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/security/TestAuthorizationManagerImpl.java (rev 0)
+++ modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/security/TestAuthorizationManagerImpl.java 2008-09-04 12:28:53 UTC (rev 11803)
@@ -0,0 +1,40 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.portal.cms.test.security;
+
+import org.jboss.portal.cms.security.AuthorizationManagerImpl;
+
+/**
+ * @author <a href="mailto:theute at jboss.org">Thomas Heute</a>
+ * @version $Revision$
+ */
+public class TestAuthorizationManagerImpl extends AuthorizationManagerImpl
+{
+
+ public void startService() throws Exception
+ {
+ super.startService();
+ setEnforcer(new TestACLEnforcer(this));
+ }
+}
+
Added: modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/security/TestNewReadCommand.java
===================================================================
--- modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/security/TestNewReadCommand.java (rev 0)
+++ modules/cms/trunk/cms-jackrabbit/src/test/java/org/jboss/portal/cms/test/security/TestNewReadCommand.java 2008-09-04 12:28:53 UTC (rev 11803)
@@ -0,0 +1,197 @@
+/******************************************************************************
+ * JBoss, a division of Red Hat *
+ * Copyright 2006, Red Hat Middleware, LLC, and individual *
+ * contributors as indicated by the @authors tag. See the *
+ * copyright.txt in the distribution for a full listing of *
+ * individual contributors. *
+ * *
+ * This is free software; you can redistribute it and/or modify it *
+ * under the terms of the GNU Lesser General Public License as *
+ * published by the Free Software Foundation; either version 2.1 of *
+ * the License, or (at your option) any later version. *
+ * *
+ * This software is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
+ * Lesser General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU Lesser General Public *
+ * License along with this software; if not, write to the Free *
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
+ ******************************************************************************/
+package org.jboss.portal.cms.test.security;
+
+import java.util.List;
+import java.util.Locale;
+
+import javax.naming.InitialContext;
+
+import junit.framework.TestSuite;
+
+import org.hibernate.Session;
+import org.hibernate.SessionFactory;
+import org.hibernate.Transaction;
+import org.jboss.portal.cms.CMSException;
+import org.jboss.portal.cms.Command;
+import org.jboss.portal.cms.impl.interceptors.ACLInterceptor;
+import org.jboss.portal.cms.impl.jcr.JCRCMS;
+import org.jboss.portal.cms.model.File;
+import org.jboss.portal.cms.model.Folder;
+import org.jboss.portal.cms.security.AuthorizationProviderImpl;
+import org.jboss.portal.common.invocation.Interceptor;
+import org.jboss.portal.identity.IdentityContext;
+import org.jboss.portal.identity.IdentityServiceController;
+import org.jboss.portal.identity.UserModule;
+import org.jboss.portal.server.impl.invocation.JBossInterceptorStack;
+import org.jboss.portal.cms.test.commands.AbstractCommandTestCase;
+import org.jboss.portal.cms.test.commands.CMSInterceptorStackFactory;
+
+/**
+ * @author <a href="mailto:theute at jboss.org">Thomas Heute</a>
+ * @version $Revision$
+ */
+public class TestNewReadCommand extends AbstractCommandTestCase
+{
+ String rejectFolderPath = "/default/private";
+ String allowedFolderPath = "/default/images";
+ String rejectFilePath = "/default/private/license.html";
+ String allowedFilePath = "/default/images/check.gif";
+
+ /**
+ *
+ */
+ protected UserModule userModule = null;
+
+ /**
+ *
+ */
+ public TestNewReadCommand()
+ {
+ super();
+ }
+
+
+ public static TestSuite suite() throws Exception
+ {
+ return createTestSuite(TestNewReadCommand.class);
+ }
+
+ /**
+ *
+ */
+ public void setUp() throws Exception
+ {
+ //override the configration location to include workflow services
+ this.configuration = "org/jboss/portal/cms/jboss-beans-security-test.xml";
+ super.setUp();
+
+ ACLInterceptor aclInterceptor = this.getACLInterceptor();
+
+ //Setup the interceptor stack
+ CMSInterceptorStackFactory stackFactory = new CMSInterceptorStackFactory();
+ Interceptor[] interceptors = new Interceptor[1];
+ interceptors[0] = aclInterceptor;
+ JBossInterceptorStack stack = new JBossInterceptorStack(interceptors);
+ stackFactory.setInterceptorStack(stack);
+
+ this.service.setStackFactory(stackFactory);
+
+ //Register the IdentityService with the JCR service
+ IdentityServiceController identityService = ((AuthorizationProviderImpl)aclInterceptor.getAuthorizationManager().getProvider()).
+ getIdentityServiceController();
+ this.userModule = (UserModule)identityService.getIdentityContext().getObject(IdentityContext.TYPE_USER_MODULE);
+ }
+
+ /**
+ *
+ */
+ public void tearDown() throws Exception
+ {
+ super.tearDown();
+ this.userModule = null;
+ }
+
+
+ /** @return */
+ protected ACLInterceptor getACLInterceptor() throws Exception
+ {
+ ACLInterceptor aclInterceptor = (ACLInterceptor)new InitialContext().lookup("java:/portal/cms/ACLInterceptor");
+ return aclInterceptor;
+ }
+
+ /** @param username */
+ protected void runAs(String username) throws Exception
+ {
+ SessionFactory sessionFactory = (SessionFactory)new InitialContext().lookup("java:/SessionFactory");
+ Session session = sessionFactory.openSession();
+ Transaction tx = session.beginTransaction();
+ JCRCMS.getUserInfo().set(this.userModule.findUserByUserName(username));
+ tx.commit();
+ session.close();
+ }
+
+ /**
+ * @param folderPath
+ * @throws CMSException
+ */
+ private void runAccessScenario(String folderPath) throws CMSException
+ {
+ //Get the specified folder
+ Command command = new DummyCommand(folderPath);
+ this.service.execute(command);
+ }
+
+ /** @throws Exception */
+ public void testAnonymous() throws Exception
+ {
+ try
+ {
+ this.runAccessScenario(this.rejectFilePath);
+ assertTrue("Access should not have been granted to" + this.rejectFilePath,
+ false);
+ }
+ catch (CMSException cme)
+ {
+ // assert and make sure access was not granted
+ String cmeMessage = cme.toString();
+ assertTrue(cmeMessage.indexOf("Access to this resource is denied") != -1);
+ }
+
+ try
+ {
+ this.runAccessScenario(this.rejectFolderPath);
+ assertTrue("Access should not have been granted to" + this.rejectFolderPath,
+ false);
+ }
+ catch (CMSException cme)
+ {
+ // assert and make sure access was not granted
+ String cmeMessage = cme.toString();
+ assertTrue(cmeMessage.indexOf("Access to this resource is denied") != -1);
+ }
+
+ try
+ {
+ this.runAccessScenario(this.allowedFilePath);
+ }
+ catch (CMSException cme)
+ {
+ // assert and make sure access was not granted
+ String cmeMessage = cme.toString();
+ assertTrue(cmeMessage.indexOf("Access to this resource is denied") == -1);
+ }
+
+ try
+ {
+ this.runAccessScenario(this.allowedFolderPath);
+ }
+ catch (CMSException cme)
+ {
+ // assert and make sure access was not granted
+ String cmeMessage = cme.toString();
+ assertTrue(cmeMessage.indexOf("Access to this resource is denied") == -1);
+ }
+ }
+}
+
Modified: modules/cms/trunk/cms-jackrabbit/src/test/resources/jboss-unit.xml
===================================================================
--- modules/cms/trunk/cms-jackrabbit/src/test/resources/jboss-unit.xml 2008-09-04 11:29:22 UTC (rev 11802)
+++ modules/cms/trunk/cms-jackrabbit/src/test/resources/jboss-unit.xml 2008-09-04 12:28:53 UTC (rev 11803)
@@ -84,6 +84,9 @@
<test >
<class name="org.jboss.portal.cms.test.security.TestWriteAccess"/>
</test>
+ <test >
+ <class name="org.jboss.portal.cms.test.security.TestNewReadCommand"/>
+ </test>
</pojo>
<pojo>
More information about the portal-commits
mailing list