Remove blank lines from all tests
Remove all blank lines from test code so that test methods are visually grouped together. This generally helps to make the test classes easer to scan, however, the "given" / "when" / "then" blocks used by some tests are now not as easy to discern. Issue gh-8945
This commit is contained in:
Phillip Webb
@@ -39,21 +39,18 @@ public class AclFormattingUtilsTests {
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
}
|
||||
|
||||
try {
|
||||
AclFormattingUtils.demergePatterns("SOME STRING", null);
|
||||
fail("It should have thrown IllegalArgumentException");
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
}
|
||||
|
||||
try {
|
||||
AclFormattingUtils.demergePatterns("SOME STRING", "LONGER SOME STRING");
|
||||
fail("It should have thrown IllegalArgumentException");
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
}
|
||||
|
||||
try {
|
||||
AclFormattingUtils.demergePatterns("SOME STRING", "SAME LENGTH");
|
||||
}
|
||||
@@ -68,7 +65,6 @@ public class AclFormattingUtilsTests {
|
||||
String removeBits = "...............................R";
|
||||
assertThat(AclFormattingUtils.demergePatterns(original, removeBits))
|
||||
.isEqualTo("...........................A....");
|
||||
|
||||
assertThat(AclFormattingUtils.demergePatterns("ABCDEF", "......")).isEqualTo("ABCDEF");
|
||||
assertThat(AclFormattingUtils.demergePatterns("ABCDEF", "GHIJKL")).isEqualTo("......");
|
||||
}
|
||||
@@ -81,21 +77,18 @@ public class AclFormattingUtilsTests {
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
}
|
||||
|
||||
try {
|
||||
AclFormattingUtils.mergePatterns("SOME STRING", null);
|
||||
fail("It should have thrown IllegalArgumentException");
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
}
|
||||
|
||||
try {
|
||||
AclFormattingUtils.mergePatterns("SOME STRING", "LONGER SOME STRING");
|
||||
fail("It should have thrown IllegalArgumentException");
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
}
|
||||
|
||||
try {
|
||||
AclFormattingUtils.mergePatterns("SOME STRING", "SAME LENGTH");
|
||||
}
|
||||
@@ -108,7 +101,6 @@ public class AclFormattingUtilsTests {
|
||||
String original = "...............................R";
|
||||
String extraBits = "...........................A....";
|
||||
assertThat(AclFormattingUtils.mergePatterns(original, extraBits)).isEqualTo("...........................A...R");
|
||||
|
||||
assertThat(AclFormattingUtils.mergePatterns("ABCDEF", "......")).isEqualTo("ABCDEF");
|
||||
assertThat(AclFormattingUtils.mergePatterns("ABCDEF", "GHIJKL")).isEqualTo("GHIJKL");
|
||||
}
|
||||
@@ -116,21 +108,18 @@ public class AclFormattingUtilsTests {
|
||||
@Test
|
||||
public final void testBinaryPrints() {
|
||||
assertThat(AclFormattingUtils.printBinary(15)).isEqualTo("............................****");
|
||||
|
||||
try {
|
||||
AclFormattingUtils.printBinary(15, Permission.RESERVED_ON);
|
||||
fail("It should have thrown IllegalArgumentException");
|
||||
}
|
||||
catch (IllegalArgumentException notExpected) {
|
||||
}
|
||||
|
||||
try {
|
||||
AclFormattingUtils.printBinary(15, Permission.RESERVED_OFF);
|
||||
fail("It should have thrown IllegalArgumentException");
|
||||
}
|
||||
catch (IllegalArgumentException notExpected) {
|
||||
}
|
||||
|
||||
assertThat(AclFormattingUtils.printBinary(15, 'x')).isEqualTo("............................xxxx");
|
||||
}
|
||||
|
||||
|
||||
-4
@@ -54,9 +54,7 @@ public class AclPermissionCacheOptimizerTests {
|
||||
ObjectIdentity[] oids = { new ObjectIdentityImpl("A", "1"), new ObjectIdentityImpl("A", "2") };
|
||||
given(oidStrat.getObjectIdentity(dos[0])).willReturn(oids[0]);
|
||||
given(oidStrat.getObjectIdentity(dos[2])).willReturn(oids[1]);
|
||||
|
||||
pco.cachePermissionsFor(mock(Authentication.class), Arrays.asList(dos));
|
||||
|
||||
// AclService should be invoked with the list of required Oids
|
||||
verify(service).readAclsById(eq(Arrays.asList(oids)), any(List.class));
|
||||
}
|
||||
@@ -69,9 +67,7 @@ public class AclPermissionCacheOptimizerTests {
|
||||
SidRetrievalStrategy sids = mock(SidRetrievalStrategy.class);
|
||||
pco.setObjectIdentityRetrievalStrategy(oids);
|
||||
pco.setSidRetrievalStrategy(sids);
|
||||
|
||||
pco.cachePermissionsFor(mock(Authentication.class), Collections.emptyList());
|
||||
|
||||
verifyZeroInteractions(service, sids, oids);
|
||||
}
|
||||
|
||||
|
||||
@@ -50,10 +50,8 @@ public class AclPermissionEvaluatorTests {
|
||||
pe.setObjectIdentityRetrievalStrategy(oidStrategy);
|
||||
pe.setSidRetrievalStrategy(mock(SidRetrievalStrategy.class));
|
||||
Acl acl = mock(Acl.class);
|
||||
|
||||
given(service.readAclById(any(ObjectIdentity.class), anyList())).willReturn(acl);
|
||||
given(acl.isGranted(anyList(), anyList(), eq(false))).willReturn(true);
|
||||
|
||||
assertThat(pe.hasPermission(mock(Authentication.class), new Object(), "READ")).isTrue();
|
||||
}
|
||||
|
||||
@@ -61,7 +59,6 @@ public class AclPermissionEvaluatorTests {
|
||||
public void resolvePermissionNonEnglishLocale() {
|
||||
Locale systemLocale = Locale.getDefault();
|
||||
Locale.setDefault(new Locale("tr"));
|
||||
|
||||
AclService service = mock(AclService.class);
|
||||
AclPermissionEvaluator pe = new AclPermissionEvaluator(service);
|
||||
ObjectIdentity oid = mock(ObjectIdentity.class);
|
||||
@@ -70,12 +67,9 @@ public class AclPermissionEvaluatorTests {
|
||||
pe.setObjectIdentityRetrievalStrategy(oidStrategy);
|
||||
pe.setSidRetrievalStrategy(mock(SidRetrievalStrategy.class));
|
||||
Acl acl = mock(Acl.class);
|
||||
|
||||
given(service.readAclById(any(ObjectIdentity.class), anyList())).willReturn(acl);
|
||||
given(acl.isGranted(anyList(), anyList(), eq(false))).willReturn(true);
|
||||
|
||||
assertThat(pe.hasPermission(mock(Authentication.class), new Object(), "write")).isTrue();
|
||||
|
||||
Locale.setDefault(systemLocale);
|
||||
}
|
||||
|
||||
|
||||
-3
@@ -58,7 +58,6 @@ public class AclEntryAfterInvocationCollectionFilteringProviderTests {
|
||||
provider.setObjectIdentityRetrievalStrategy(mock(ObjectIdentityRetrievalStrategy.class));
|
||||
provider.setProcessDomainObjectClass(Object.class);
|
||||
provider.setSidRetrievalStrategy(mock(SidRetrievalStrategy.class));
|
||||
|
||||
Object returned = provider.decide(mock(Authentication.class), new Object(),
|
||||
SecurityConfig.createList("AFTER_ACL_COLLECTION_READ"),
|
||||
new ArrayList(Arrays.asList(new Object(), new Object())));
|
||||
@@ -76,7 +75,6 @@ public class AclEntryAfterInvocationCollectionFilteringProviderTests {
|
||||
AclEntryAfterInvocationCollectionFilteringProvider provider = new AclEntryAfterInvocationCollectionFilteringProvider(
|
||||
mock(AclService.class), Arrays.asList(mock(Permission.class)));
|
||||
Object returned = new Object();
|
||||
|
||||
assertThat(returned).isSameAs(provider.decide(mock(Authentication.class), new Object(),
|
||||
Collections.<ConfigAttribute>emptyList(), returned));
|
||||
}
|
||||
@@ -86,7 +84,6 @@ public class AclEntryAfterInvocationCollectionFilteringProviderTests {
|
||||
AclService service = mock(AclService.class);
|
||||
AclEntryAfterInvocationCollectionFilteringProvider provider = new AclEntryAfterInvocationCollectionFilteringProvider(
|
||||
service, Arrays.asList(mock(Permission.class)));
|
||||
|
||||
assertThat(provider.decide(mock(Authentication.class), new Object(),
|
||||
SecurityConfig.createList("AFTER_ACL_COLLECTION_READ"), null)).isNull();
|
||||
verify(service, never()).readAclById(any(ObjectIdentity.class), any(List.class));
|
||||
|
||||
-4
@@ -74,7 +74,6 @@ public class AclEntryAfterInvocationProviderTests {
|
||||
provider.setProcessDomainObjectClass(Object.class);
|
||||
provider.setSidRetrievalStrategy(mock(SidRetrievalStrategy.class));
|
||||
Object returned = new Object();
|
||||
|
||||
assertThat(returned).isSameAs(provider.decide(mock(Authentication.class), new Object(),
|
||||
SecurityConfig.createList("AFTER_ACL_READ"), returned));
|
||||
}
|
||||
@@ -84,7 +83,6 @@ public class AclEntryAfterInvocationProviderTests {
|
||||
AclEntryAfterInvocationProvider provider = new AclEntryAfterInvocationProvider(mock(AclService.class),
|
||||
Arrays.asList(mock(Permission.class)));
|
||||
Object returned = new Object();
|
||||
|
||||
assertThat(returned).isSameAs(provider.decide(mock(Authentication.class), new Object(),
|
||||
Collections.<ConfigAttribute>emptyList(), returned));
|
||||
}
|
||||
@@ -96,7 +94,6 @@ public class AclEntryAfterInvocationProviderTests {
|
||||
provider.setProcessDomainObjectClass(String.class);
|
||||
// Not a String
|
||||
Object returned = new Object();
|
||||
|
||||
assertThat(returned).isSameAs(provider.decide(mock(Authentication.class), new Object(),
|
||||
SecurityConfig.createList("AFTER_ACL_READ"), returned));
|
||||
}
|
||||
@@ -133,7 +130,6 @@ public class AclEntryAfterInvocationProviderTests {
|
||||
AclService service = mock(AclService.class);
|
||||
AclEntryAfterInvocationProvider provider = new AclEntryAfterInvocationProvider(service,
|
||||
Arrays.asList(mock(Permission.class)));
|
||||
|
||||
assertThat(provider.decide(mock(Authentication.class), new Object(),
|
||||
SecurityConfig.createList("AFTER_ACL_COLLECTION_READ"), null)).isNull();
|
||||
verify(service, never()).readAclById(any(ObjectIdentity.class), any(List.class));
|
||||
|
||||
-7
@@ -46,7 +46,6 @@ public class AccessControlImplEntryTests {
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
}
|
||||
|
||||
// Check Sid field is present
|
||||
try {
|
||||
new AccessControlEntryImpl(null, mock(Acl.class), null, BasePermission.ADMINISTRATION, true, true, true);
|
||||
@@ -54,7 +53,6 @@ public class AccessControlImplEntryTests {
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
}
|
||||
|
||||
// Check Permission field is present
|
||||
try {
|
||||
new AccessControlEntryImpl(null, mock(Acl.class), new PrincipalSid("johndoe"), null, true, true, true);
|
||||
@@ -68,11 +66,9 @@ public class AccessControlImplEntryTests {
|
||||
public void testAccessControlEntryImplGetters() {
|
||||
Acl mockAcl = mock(Acl.class);
|
||||
Sid sid = new PrincipalSid("johndoe");
|
||||
|
||||
// Create a sample entry
|
||||
AccessControlEntry ace = new AccessControlEntryImpl(1L, mockAcl, sid, BasePermission.ADMINISTRATION, true, true,
|
||||
true);
|
||||
|
||||
// and check every get() method
|
||||
assertThat(ace.getId()).isEqualTo(1L);
|
||||
assertThat(ace.getAcl()).isEqualTo(mockAcl);
|
||||
@@ -87,13 +83,10 @@ public class AccessControlImplEntryTests {
|
||||
public void testEquals() {
|
||||
final Acl mockAcl = mock(Acl.class);
|
||||
final ObjectIdentity oid = mock(ObjectIdentity.class);
|
||||
|
||||
given(mockAcl.getObjectIdentity()).willReturn(oid);
|
||||
Sid sid = new PrincipalSid("johndoe");
|
||||
|
||||
AccessControlEntry ace = new AccessControlEntryImpl(1L, mockAcl, sid, BasePermission.ADMINISTRATION, true, true,
|
||||
true);
|
||||
|
||||
assertThat(ace).isNotNull();
|
||||
assertThat(ace).isNotEqualTo(100L);
|
||||
assertThat(ace).isEqualTo(ace);
|
||||
|
||||
@@ -156,7 +156,6 @@ public class AclImplTests {
|
||||
MutableAcl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, this.pgs, null, null, true,
|
||||
new PrincipalSid("joe"));
|
||||
MockAclService service = new MockAclService();
|
||||
|
||||
// Insert one permission
|
||||
acl.insertAce(0, BasePermission.READ, new GrantedAuthoritySid("ROLE_TEST1"), true);
|
||||
service.updateAcl(acl);
|
||||
@@ -165,7 +164,6 @@ public class AclImplTests {
|
||||
assertThat(acl).isEqualTo(acl.getEntries().get(0).getAcl());
|
||||
assertThat(BasePermission.READ).isEqualTo(acl.getEntries().get(0).getPermission());
|
||||
assertThat(acl.getEntries().get(0).getSid()).isEqualTo(new GrantedAuthoritySid("ROLE_TEST1"));
|
||||
|
||||
// Add a second permission
|
||||
acl.insertAce(1, BasePermission.READ, new GrantedAuthoritySid("ROLE_TEST2"), true);
|
||||
service.updateAcl(acl);
|
||||
@@ -174,7 +172,6 @@ public class AclImplTests {
|
||||
assertThat(acl).isEqualTo(acl.getEntries().get(1).getAcl());
|
||||
assertThat(BasePermission.READ).isEqualTo(acl.getEntries().get(1).getPermission());
|
||||
assertThat(acl.getEntries().get(1).getSid()).isEqualTo(new GrantedAuthoritySid("ROLE_TEST2"));
|
||||
|
||||
// Add a third permission, after the first one
|
||||
acl.insertAce(1, BasePermission.WRITE, new GrantedAuthoritySid("ROLE_TEST3"), false);
|
||||
service.updateAcl(acl);
|
||||
@@ -193,11 +190,9 @@ public class AclImplTests {
|
||||
MutableAcl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, this.pgs, null, null, true,
|
||||
new PrincipalSid("joe"));
|
||||
MockAclService service = new MockAclService();
|
||||
|
||||
// Insert one permission
|
||||
acl.insertAce(0, BasePermission.READ, new GrantedAuthoritySid("ROLE_TEST1"), true);
|
||||
service.updateAcl(acl);
|
||||
|
||||
acl.insertAce(55, BasePermission.READ, new GrantedAuthoritySid("ROLE_TEST2"), true);
|
||||
}
|
||||
|
||||
@@ -206,20 +201,17 @@ public class AclImplTests {
|
||||
MutableAcl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, this.pgs, null, null, true,
|
||||
new PrincipalSid("joe"));
|
||||
MockAclService service = new MockAclService();
|
||||
|
||||
// Add several permissions
|
||||
acl.insertAce(0, BasePermission.READ, new GrantedAuthoritySid("ROLE_TEST1"), true);
|
||||
acl.insertAce(1, BasePermission.READ, new GrantedAuthoritySid("ROLE_TEST2"), true);
|
||||
acl.insertAce(2, BasePermission.READ, new GrantedAuthoritySid("ROLE_TEST3"), true);
|
||||
service.updateAcl(acl);
|
||||
|
||||
// Delete first permission and check the order of the remaining permissions is
|
||||
// kept
|
||||
acl.deleteAce(0);
|
||||
assertThat(acl.getEntries()).hasSize(2);
|
||||
assertThat(acl.getEntries().get(0).getSid()).isEqualTo(new GrantedAuthoritySid("ROLE_TEST2"));
|
||||
assertThat(acl.getEntries().get(1).getSid()).isEqualTo(new GrantedAuthoritySid("ROLE_TEST3"));
|
||||
|
||||
// Add one more permission and remove the permission in the middle
|
||||
acl.insertAce(2, BasePermission.READ, new GrantedAuthoritySid("ROLE_TEST4"), true);
|
||||
service.updateAcl(acl);
|
||||
@@ -227,7 +219,6 @@ public class AclImplTests {
|
||||
assertThat(acl.getEntries()).hasSize(2);
|
||||
assertThat(acl.getEntries().get(0).getSid()).isEqualTo(new GrantedAuthoritySid("ROLE_TEST2"));
|
||||
assertThat(acl.getEntries().get(1).getSid()).isEqualTo(new GrantedAuthoritySid("ROLE_TEST4"));
|
||||
|
||||
// Remove remaining permissions
|
||||
acl.deleteAce(1);
|
||||
acl.deleteAce(0);
|
||||
@@ -274,17 +265,14 @@ public class AclImplTests {
|
||||
auth.setAuthenticated(true);
|
||||
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||
ObjectIdentity rootOid = new ObjectIdentityImpl(TARGET_CLASS, 100);
|
||||
|
||||
// Create an ACL which owner is not the authenticated principal
|
||||
MutableAcl rootAcl = new AclImpl(rootOid, 1, this.authzStrategy, this.pgs, null, null, false,
|
||||
new PrincipalSid("joe"));
|
||||
|
||||
// Grant some permissions
|
||||
rootAcl.insertAce(0, BasePermission.READ, new PrincipalSid("ben"), false);
|
||||
rootAcl.insertAce(1, BasePermission.WRITE, new PrincipalSid("scott"), true);
|
||||
rootAcl.insertAce(2, BasePermission.WRITE, new PrincipalSid("rod"), false);
|
||||
rootAcl.insertAce(3, BasePermission.WRITE, new GrantedAuthoritySid("WRITE_ACCESS_ROLE"), true);
|
||||
|
||||
// Check permissions granting
|
||||
List<Permission> permissions = Arrays.asList(BasePermission.READ, BasePermission.CREATE);
|
||||
List<Sid> sids = Arrays.asList(new PrincipalSid("ben"), new GrantedAuthoritySid("ROLE_GUEST"));
|
||||
@@ -320,7 +308,6 @@ public class AclImplTests {
|
||||
ObjectIdentity parentOid2 = new ObjectIdentityImpl(TARGET_CLASS, 102);
|
||||
ObjectIdentity childOid1 = new ObjectIdentityImpl(TARGET_CLASS, 103);
|
||||
ObjectIdentity childOid2 = new ObjectIdentityImpl(TARGET_CLASS, 104);
|
||||
|
||||
// Create ACLs
|
||||
PrincipalSid joe = new PrincipalSid("joe");
|
||||
MutableAcl grandParentAcl = new AclImpl(grandParentOid, 1, this.authzStrategy, this.pgs, null, null, false,
|
||||
@@ -329,13 +316,11 @@ public class AclImplTests {
|
||||
MutableAcl parentAcl2 = new AclImpl(parentOid2, 3, this.authzStrategy, this.pgs, null, null, true, joe);
|
||||
MutableAcl childAcl1 = new AclImpl(childOid1, 4, this.authzStrategy, this.pgs, null, null, true, joe);
|
||||
MutableAcl childAcl2 = new AclImpl(childOid2, 4, this.authzStrategy, this.pgs, null, null, false, joe);
|
||||
|
||||
// Create hierarchies
|
||||
childAcl2.setParent(childAcl1);
|
||||
childAcl1.setParent(parentAcl1);
|
||||
parentAcl2.setParent(grandParentAcl);
|
||||
parentAcl1.setParent(grandParentAcl);
|
||||
|
||||
// Add some permissions
|
||||
grandParentAcl.insertAce(0, BasePermission.READ, new GrantedAuthoritySid("ROLE_USER_READ"), true);
|
||||
grandParentAcl.insertAce(1, BasePermission.WRITE, new PrincipalSid("ben"), true);
|
||||
@@ -345,7 +330,6 @@ public class AclImplTests {
|
||||
parentAcl1.insertAce(1, BasePermission.DELETE, new PrincipalSid("scott"), false);
|
||||
parentAcl2.insertAce(0, BasePermission.CREATE, new PrincipalSid("ben"), true);
|
||||
childAcl1.insertAce(0, BasePermission.CREATE, new PrincipalSid("scott"), true);
|
||||
|
||||
// Check granting process for parent1
|
||||
assertThat(parentAcl1.isGranted(READ, SCOTT, false)).isTrue();
|
||||
assertThat(parentAcl1.isGranted(READ, Arrays.asList((Sid) new GrantedAuthoritySid("ROLE_USER_READ")), false))
|
||||
@@ -353,18 +337,15 @@ public class AclImplTests {
|
||||
assertThat(parentAcl1.isGranted(WRITE, BEN, false)).isTrue();
|
||||
assertThat(parentAcl1.isGranted(DELETE, BEN, false)).isFalse();
|
||||
assertThat(parentAcl1.isGranted(DELETE, SCOTT, false)).isFalse();
|
||||
|
||||
// Check granting process for parent2
|
||||
assertThat(parentAcl2.isGranted(CREATE, BEN, false)).isTrue();
|
||||
assertThat(parentAcl2.isGranted(WRITE, BEN, false)).isTrue();
|
||||
assertThat(parentAcl2.isGranted(DELETE, BEN, false)).isFalse();
|
||||
|
||||
// Check granting process for child1
|
||||
assertThat(childAcl1.isGranted(CREATE, SCOTT, false)).isTrue();
|
||||
assertThat(childAcl1.isGranted(READ, Arrays.asList((Sid) new GrantedAuthoritySid("ROLE_USER_READ")), false))
|
||||
.isTrue();
|
||||
assertThat(childAcl1.isGranted(DELETE, BEN, false)).isFalse();
|
||||
|
||||
// Check granting process for child2 (doesn't inherit the permissions from its
|
||||
// parent)
|
||||
try {
|
||||
@@ -389,21 +370,17 @@ public class AclImplTests {
|
||||
MutableAcl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, this.pgs, null, null, false,
|
||||
new PrincipalSid("joe"));
|
||||
MockAclService service = new MockAclService();
|
||||
|
||||
acl.insertAce(0, BasePermission.READ, new GrantedAuthoritySid("ROLE_USER_READ"), true);
|
||||
acl.insertAce(1, BasePermission.WRITE, new GrantedAuthoritySid("ROLE_USER_READ"), true);
|
||||
acl.insertAce(2, BasePermission.CREATE, new PrincipalSid("ben"), true);
|
||||
service.updateAcl(acl);
|
||||
|
||||
assertThat(BasePermission.READ).isEqualTo(acl.getEntries().get(0).getPermission());
|
||||
assertThat(BasePermission.WRITE).isEqualTo(acl.getEntries().get(1).getPermission());
|
||||
assertThat(BasePermission.CREATE).isEqualTo(acl.getEntries().get(2).getPermission());
|
||||
|
||||
// Change each permission
|
||||
acl.updateAce(0, BasePermission.CREATE);
|
||||
acl.updateAce(1, BasePermission.DELETE);
|
||||
acl.updateAce(2, BasePermission.READ);
|
||||
|
||||
// Check the change was successfully made
|
||||
assertThat(BasePermission.CREATE).isEqualTo(acl.getEntries().get(0).getPermission());
|
||||
assertThat(BasePermission.DELETE).isEqualTo(acl.getEntries().get(1).getPermission());
|
||||
@@ -418,20 +395,16 @@ public class AclImplTests {
|
||||
MutableAcl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, this.pgs, null, null, false,
|
||||
new PrincipalSid("joe"));
|
||||
MockAclService service = new MockAclService();
|
||||
|
||||
acl.insertAce(0, BasePermission.READ, new GrantedAuthoritySid("ROLE_USER_READ"), true);
|
||||
acl.insertAce(1, BasePermission.WRITE, new GrantedAuthoritySid("ROLE_USER_READ"), true);
|
||||
service.updateAcl(acl);
|
||||
|
||||
assertThat(((AuditableAccessControlEntry) acl.getEntries().get(0)).isAuditFailure()).isFalse();
|
||||
assertThat(((AuditableAccessControlEntry) acl.getEntries().get(1)).isAuditFailure()).isFalse();
|
||||
assertThat(((AuditableAccessControlEntry) acl.getEntries().get(0)).isAuditSuccess()).isFalse();
|
||||
assertThat(((AuditableAccessControlEntry) acl.getEntries().get(1)).isAuditSuccess()).isFalse();
|
||||
|
||||
// Change each permission
|
||||
((AuditableAcl) acl).updateAuditing(0, true, true);
|
||||
((AuditableAcl) acl).updateAuditing(1, true, true);
|
||||
|
||||
// Check the change was successfuly made
|
||||
assertThat(acl.getEntries()).extracting("auditSuccess").containsOnly(true, true);
|
||||
assertThat(acl.getEntries()).extracting("auditFailure").containsOnly(true, true);
|
||||
@@ -452,20 +425,16 @@ public class AclImplTests {
|
||||
acl.insertAce(0, BasePermission.READ, new GrantedAuthoritySid("ROLE_USER_READ"), true);
|
||||
acl.insertAce(1, BasePermission.WRITE, new GrantedAuthoritySid("ROLE_USER_READ"), true);
|
||||
service.updateAcl(acl);
|
||||
|
||||
assertThat(1).isEqualTo(acl.getId());
|
||||
assertThat(identity).isEqualTo(acl.getObjectIdentity());
|
||||
assertThat(new PrincipalSid("joe")).isEqualTo(acl.getOwner());
|
||||
assertThat(acl.getParentAcl()).isNull();
|
||||
assertThat(acl.isEntriesInheriting()).isTrue();
|
||||
assertThat(acl.getEntries()).hasSize(2);
|
||||
|
||||
acl.setParent(parentAcl);
|
||||
assertThat(parentAcl).isEqualTo(acl.getParentAcl());
|
||||
|
||||
acl.setEntriesInheriting(false);
|
||||
assertThat(acl.isEntriesInheriting()).isFalse();
|
||||
|
||||
acl.setOwner(new PrincipalSid("ben"));
|
||||
assertThat(new PrincipalSid("ben")).isEqualTo(acl.getOwner());
|
||||
}
|
||||
@@ -475,7 +444,6 @@ public class AclImplTests {
|
||||
List<Sid> loadedSids = Arrays.asList(new PrincipalSid("ben"), new GrantedAuthoritySid("ROLE_IGNORED"));
|
||||
MutableAcl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, this.pgs, null, loadedSids, true,
|
||||
new PrincipalSid("joe"));
|
||||
|
||||
assertThat(acl.isSidLoaded(loadedSids)).isTrue();
|
||||
assertThat(acl.isSidLoaded(Arrays.asList(new GrantedAuthoritySid("ROLE_IGNORED"), new PrincipalSid("ben"))))
|
||||
.isTrue();
|
||||
@@ -534,7 +502,6 @@ public class AclImplTests {
|
||||
AclImpl parentAcl = new AclImpl(this.objectIdentity, 1L, this.authzStrategy, this.mockAuditLogger);
|
||||
AclImpl childAcl = new AclImpl(this.objectIdentity, 2L, this.authzStrategy, this.mockAuditLogger);
|
||||
AclImpl changeParentAcl = new AclImpl(this.objectIdentity, 3L, this.authzStrategy, this.mockAuditLogger);
|
||||
|
||||
childAcl.setParent(parentAcl);
|
||||
childAcl.setParent(changeParentAcl);
|
||||
}
|
||||
@@ -562,10 +529,8 @@ public class AclImplTests {
|
||||
ObjectIdentity oid = new ObjectIdentityImpl("type", 1);
|
||||
AclAuthorizationStrategy authStrategy = new AclAuthorizationStrategyImpl(new SimpleGrantedAuthority("role"));
|
||||
PermissionGrantingStrategy grantingStrategy = new DefaultPermissionGrantingStrategy(new ConsoleAuditLogger());
|
||||
|
||||
AclImpl acl = new AclImpl(oid, 1L, authStrategy, grantingStrategy, null, null, false, sid);
|
||||
AccessControlEntryImpl ace = new AccessControlEntryImpl(1L, acl, sid, BasePermission.READ, true, true, true);
|
||||
|
||||
Field fieldAces = FieldUtils.getField(AclImpl.class, "aces");
|
||||
fieldAces.setAccessible(true);
|
||||
List<AccessControlEntryImpl> aces = (List<AccessControlEntryImpl>) fieldAces.get(acl);
|
||||
@@ -617,7 +582,6 @@ public class AclImplTests {
|
||||
try {
|
||||
newAces = (List) acesField.get(acl);
|
||||
newAces.clear();
|
||||
|
||||
for (int i = 0; i < oldAces.size(); i++) {
|
||||
AccessControlEntry ac = oldAces.get(i);
|
||||
// Just give an ID to all this acl's aces, rest of the fields are just
|
||||
@@ -630,7 +594,6 @@ public class AclImplTests {
|
||||
catch (IllegalAccessException ex) {
|
||||
ex.printStackTrace();
|
||||
}
|
||||
|
||||
return acl;
|
||||
}
|
||||
|
||||
|
||||
-27
@@ -58,18 +58,14 @@ public class AclImplementationSecurityCheckTests {
|
||||
"ROLE_OWNERSHIP");
|
||||
auth.setAuthenticated(true);
|
||||
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||
|
||||
ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, 100L);
|
||||
AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(
|
||||
new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"),
|
||||
new SimpleGrantedAuthority("ROLE_GENERAL"));
|
||||
|
||||
Acl acl = new AclImpl(identity, 1L, aclAuthorizationStrategy, new ConsoleAuditLogger());
|
||||
|
||||
aclAuthorizationStrategy.securityCheck(acl, AclAuthorizationStrategy.CHANGE_GENERAL);
|
||||
aclAuthorizationStrategy.securityCheck(acl, AclAuthorizationStrategy.CHANGE_AUDITING);
|
||||
aclAuthorizationStrategy.securityCheck(acl, AclAuthorizationStrategy.CHANGE_OWNERSHIP);
|
||||
|
||||
// Create another authorization strategy
|
||||
AclAuthorizationStrategy aclAuthorizationStrategy2 = new AclAuthorizationStrategyImpl(
|
||||
new SimpleGrantedAuthority("ROLE_ONE"), new SimpleGrantedAuthority("ROLE_TWO"),
|
||||
@@ -102,21 +98,17 @@ public class AclImplementationSecurityCheckTests {
|
||||
Authentication auth = new TestingAuthenticationToken("user", "password", "ROLE_GENERAL");
|
||||
auth.setAuthenticated(true);
|
||||
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||
|
||||
ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, 100L);
|
||||
// Authorization strategy will require a different role for each access
|
||||
AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(
|
||||
new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"),
|
||||
new SimpleGrantedAuthority("ROLE_GENERAL"));
|
||||
|
||||
// Let's give the principal the ADMINISTRATION permission, without
|
||||
// granting access
|
||||
MutableAcl aclFirstDeny = new AclImpl(identity, 1L, aclAuthorizationStrategy, new ConsoleAuditLogger());
|
||||
aclFirstDeny.insertAce(0, BasePermission.ADMINISTRATION, new PrincipalSid(auth), false);
|
||||
|
||||
// The CHANGE_GENERAL test should pass as the principal has ROLE_GENERAL
|
||||
aclAuthorizationStrategy.securityCheck(aclFirstDeny, AclAuthorizationStrategy.CHANGE_GENERAL);
|
||||
|
||||
// The CHANGE_AUDITING and CHANGE_OWNERSHIP should fail since the
|
||||
// principal doesn't have these authorities,
|
||||
// nor granting access
|
||||
@@ -132,7 +124,6 @@ public class AclImplementationSecurityCheckTests {
|
||||
}
|
||||
catch (AccessDeniedException expected) {
|
||||
}
|
||||
|
||||
// Add granting access to this principal
|
||||
aclFirstDeny.insertAce(1, BasePermission.ADMINISTRATION, new PrincipalSid(auth), true);
|
||||
// and try again for CHANGE_AUDITING - the first ACE's granting flag
|
||||
@@ -143,27 +134,21 @@ public class AclImplementationSecurityCheckTests {
|
||||
}
|
||||
catch (AccessDeniedException expected) {
|
||||
}
|
||||
|
||||
// Create another ACL and give the principal the ADMINISTRATION
|
||||
// permission, with granting access
|
||||
MutableAcl aclFirstAllow = new AclImpl(identity, 1L, aclAuthorizationStrategy, new ConsoleAuditLogger());
|
||||
aclFirstAllow.insertAce(0, BasePermission.ADMINISTRATION, new PrincipalSid(auth), true);
|
||||
|
||||
// The CHANGE_AUDITING test should pass as there is one ACE with
|
||||
// granting access
|
||||
|
||||
aclAuthorizationStrategy.securityCheck(aclFirstAllow, AclAuthorizationStrategy.CHANGE_AUDITING);
|
||||
|
||||
// Add a deny ACE and test again for CHANGE_AUDITING
|
||||
aclFirstAllow.insertAce(1, BasePermission.ADMINISTRATION, new PrincipalSid(auth), false);
|
||||
try {
|
||||
aclAuthorizationStrategy.securityCheck(aclFirstAllow, AclAuthorizationStrategy.CHANGE_AUDITING);
|
||||
|
||||
}
|
||||
catch (AccessDeniedException notExpected) {
|
||||
fail("It shouldn't have thrown AccessDeniedException");
|
||||
}
|
||||
|
||||
// Create an ACL with no ACE
|
||||
MutableAcl aclNoACE = new AclImpl(identity, 1L, aclAuthorizationStrategy, new ConsoleAuditLogger());
|
||||
try {
|
||||
@@ -171,12 +156,10 @@ public class AclImplementationSecurityCheckTests {
|
||||
fail("It should have thrown NotFoundException");
|
||||
}
|
||||
catch (NotFoundException expected) {
|
||||
|
||||
}
|
||||
// and still grant access for CHANGE_GENERAL
|
||||
try {
|
||||
aclAuthorizationStrategy.securityCheck(aclNoACE, AclAuthorizationStrategy.CHANGE_GENERAL);
|
||||
|
||||
}
|
||||
catch (NotFoundException expected) {
|
||||
fail("It shouldn't have thrown NotFoundException");
|
||||
@@ -189,19 +172,16 @@ public class AclImplementationSecurityCheckTests {
|
||||
Authentication auth = new TestingAuthenticationToken("user", "password", "ROLE_GENERAL");
|
||||
auth.setAuthenticated(true);
|
||||
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||
|
||||
ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, 100);
|
||||
// Authorization strategy will require a different role for each access
|
||||
AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(
|
||||
new SimpleGrantedAuthority("ROLE_ONE"), new SimpleGrantedAuthority("ROLE_TWO"),
|
||||
new SimpleGrantedAuthority("ROLE_GENERAL"));
|
||||
|
||||
// Let's give the principal an ADMINISTRATION permission, with granting
|
||||
// access
|
||||
MutableAcl parentAcl = new AclImpl(identity, 1, aclAuthorizationStrategy, new ConsoleAuditLogger());
|
||||
parentAcl.insertAce(0, BasePermission.ADMINISTRATION, new PrincipalSid(auth), true);
|
||||
MutableAcl childAcl = new AclImpl(identity, 2, aclAuthorizationStrategy, new ConsoleAuditLogger());
|
||||
|
||||
// Check against the 'child' acl, which doesn't offer any authorization
|
||||
// rights on CHANGE_OWNERSHIP
|
||||
try {
|
||||
@@ -209,21 +189,17 @@ public class AclImplementationSecurityCheckTests {
|
||||
fail("It should have thrown NotFoundException");
|
||||
}
|
||||
catch (NotFoundException expected) {
|
||||
|
||||
}
|
||||
|
||||
// Link the child with its parent and test again against the
|
||||
// CHANGE_OWNERSHIP right
|
||||
childAcl.setParent(parentAcl);
|
||||
childAcl.setEntriesInheriting(true);
|
||||
try {
|
||||
aclAuthorizationStrategy.securityCheck(childAcl, AclAuthorizationStrategy.CHANGE_OWNERSHIP);
|
||||
|
||||
}
|
||||
catch (NotFoundException expected) {
|
||||
fail("It shouldn't have thrown NotFoundException");
|
||||
}
|
||||
|
||||
// Create a root parent and link it to the middle parent
|
||||
MutableAcl rootParentAcl = new AclImpl(identity, 1, aclAuthorizationStrategy, new ConsoleAuditLogger());
|
||||
parentAcl = new AclImpl(identity, 1, aclAuthorizationStrategy, new ConsoleAuditLogger());
|
||||
@@ -233,7 +209,6 @@ public class AclImplementationSecurityCheckTests {
|
||||
childAcl.setParent(parentAcl);
|
||||
try {
|
||||
aclAuthorizationStrategy.securityCheck(childAcl, AclAuthorizationStrategy.CHANGE_OWNERSHIP);
|
||||
|
||||
}
|
||||
catch (NotFoundException expected) {
|
||||
fail("It shouldn't have thrown NotFoundException");
|
||||
@@ -245,12 +220,10 @@ public class AclImplementationSecurityCheckTests {
|
||||
Authentication auth = new TestingAuthenticationToken("user", "password", "ROLE_ONE");
|
||||
auth.setAuthenticated(true);
|
||||
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||
|
||||
ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, 100);
|
||||
AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(
|
||||
new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"),
|
||||
new SimpleGrantedAuthority("ROLE_GENERAL"));
|
||||
|
||||
Acl acl = new AclImpl(identity, 1, aclAuthorizationStrategy,
|
||||
new DefaultPermissionGrantingStrategy(new ConsoleAuditLogger()), null, null, false,
|
||||
new PrincipalSid(auth));
|
||||
|
||||
@@ -76,7 +76,6 @@ public class AuditLoggerTests {
|
||||
@Test
|
||||
public void successIsLoggedIfAceRequiresSuccessAudit() {
|
||||
given(this.ace.isAuditSuccess()).willReturn(true);
|
||||
|
||||
this.logger.logIfNeeded(true, this.ace);
|
||||
assertThat(this.bytes.toString()).startsWith("GRANTED due to ACE");
|
||||
}
|
||||
|
||||
-11
@@ -42,7 +42,6 @@ public class ObjectIdentityImplTests {
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
}
|
||||
|
||||
// Check String-Serializable constructor required field
|
||||
try {
|
||||
new ObjectIdentityImpl("", 1L);
|
||||
@@ -50,7 +49,6 @@ public class ObjectIdentityImplTests {
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
}
|
||||
|
||||
// Check Serializable parameter is not null
|
||||
try {
|
||||
new ObjectIdentityImpl(DOMAIN_CLASS, null);
|
||||
@@ -58,7 +56,6 @@ public class ObjectIdentityImplTests {
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
}
|
||||
|
||||
// The correct way of using String-Serializable constructor
|
||||
try {
|
||||
new ObjectIdentityImpl(DOMAIN_CLASS, 1L);
|
||||
@@ -66,7 +63,6 @@ public class ObjectIdentityImplTests {
|
||||
catch (IllegalArgumentException notExpected) {
|
||||
fail("It shouldn't have thrown IllegalArgumentException");
|
||||
}
|
||||
|
||||
// Check the Class-Serializable constructor
|
||||
try {
|
||||
new ObjectIdentityImpl(MockIdDomainObject.class, null);
|
||||
@@ -91,9 +87,7 @@ public class ObjectIdentityImplTests {
|
||||
fail("It should have thrown IdentityUnavailableException");
|
||||
}
|
||||
catch (IdentityUnavailableException expected) {
|
||||
|
||||
}
|
||||
|
||||
// getId() should return a non-null value
|
||||
MockIdDomainObject mockId = new MockIdDomainObject();
|
||||
try {
|
||||
@@ -101,9 +95,7 @@ public class ObjectIdentityImplTests {
|
||||
fail("It should have thrown IllegalArgumentException");
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
|
||||
}
|
||||
|
||||
// getId() should return a Serializable object
|
||||
mockId.setId(new MockIdDomainObject());
|
||||
try {
|
||||
@@ -112,7 +104,6 @@ public class ObjectIdentityImplTests {
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
}
|
||||
|
||||
// getId() should return a Serializable object
|
||||
mockId.setId(100L);
|
||||
try {
|
||||
@@ -132,7 +123,6 @@ public class ObjectIdentityImplTests {
|
||||
ObjectIdentity obj = new ObjectIdentityImpl(DOMAIN_CLASS, 1L);
|
||||
MockIdDomainObject mockObj = new MockIdDomainObject();
|
||||
mockObj.setId(1L);
|
||||
|
||||
String string = "SOME_STRING";
|
||||
assertThat(string).isNotSameAs(obj);
|
||||
assertThat(obj).isNotNull();
|
||||
@@ -155,7 +145,6 @@ public class ObjectIdentityImplTests {
|
||||
public void longAndIntegerIdsWithSameValueAreEqualAndHaveSameHashcode() {
|
||||
ObjectIdentity obj = new ObjectIdentityImpl(Object.class, 5L);
|
||||
ObjectIdentity obj2 = new ObjectIdentityImpl(Object.class, 5);
|
||||
|
||||
assertThat(obj2).isEqualTo(obj);
|
||||
assertThat(obj2.hashCode()).isEqualTo(obj.hashCode());
|
||||
}
|
||||
|
||||
-2
@@ -34,10 +34,8 @@ public class ObjectIdentityRetrievalStrategyImplTests {
|
||||
public void testObjectIdentityCreation() {
|
||||
MockIdDomainObject domain = new MockIdDomainObject();
|
||||
domain.setId(1);
|
||||
|
||||
ObjectIdentityRetrievalStrategy retStrategy = new ObjectIdentityRetrievalStrategyImpl();
|
||||
ObjectIdentity identity = retStrategy.getObjectIdentity(domain);
|
||||
|
||||
assertThat(identity).isNotNull();
|
||||
assertThat(new ObjectIdentityImpl(domain)).isEqualTo(identity);
|
||||
}
|
||||
|
||||
@@ -62,26 +62,19 @@ public class PermissionTests {
|
||||
@Test
|
||||
public void stringConversion() {
|
||||
this.permissionFactory.registerPublicPermissions(SpecialPermission.class);
|
||||
|
||||
assertThat(BasePermission.READ.toString()).isEqualTo("BasePermission[...............................R=1]");
|
||||
|
||||
assertThat(BasePermission.ADMINISTRATION.toString())
|
||||
.isEqualTo("BasePermission[...........................A....=16]");
|
||||
|
||||
assertThat(new CumulativePermission().set(BasePermission.READ).toString())
|
||||
.isEqualTo("CumulativePermission[...............................R=1]");
|
||||
|
||||
assertThat(
|
||||
new CumulativePermission().set(SpecialPermission.ENTER).set(BasePermission.ADMINISTRATION).toString())
|
||||
.isEqualTo("CumulativePermission[..........................EA....=48]");
|
||||
|
||||
assertThat(new CumulativePermission().set(BasePermission.ADMINISTRATION).set(BasePermission.READ).toString())
|
||||
.isEqualTo("CumulativePermission[...........................A...R=17]");
|
||||
|
||||
assertThat(new CumulativePermission().set(BasePermission.ADMINISTRATION).set(BasePermission.READ)
|
||||
.clear(BasePermission.ADMINISTRATION).toString())
|
||||
.isEqualTo("CumulativePermission[...............................R=1]");
|
||||
|
||||
assertThat(new CumulativePermission().set(BasePermission.ADMINISTRATION).set(BasePermission.READ)
|
||||
.clear(BasePermission.ADMINISTRATION).clear(BasePermission.READ).toString())
|
||||
.isEqualTo("CumulativePermission[................................=0]");
|
||||
|
||||
-30
@@ -147,7 +147,6 @@ public abstract class AbstractBasicLookupStrategyTests {
|
||||
ObjectIdentity middleParentOid = new ObjectIdentityImpl(TARGET_CLASS, 101L);
|
||||
// Deliberately use an integer for the child, to reproduce bug report in SEC-819
|
||||
ObjectIdentity childOid = new ObjectIdentityImpl(TARGET_CLASS, 102);
|
||||
|
||||
Map<ObjectIdentity, Acl> map = this.strategy
|
||||
.readAclsById(Arrays.asList(topParentOid, middleParentOid, childOid), null);
|
||||
checkEntries(topParentOid, middleParentOid, childOid, map);
|
||||
@@ -158,15 +157,12 @@ public abstract class AbstractBasicLookupStrategyTests {
|
||||
ObjectIdentity topParentOid = new ObjectIdentityImpl(TARGET_CLASS, 100);
|
||||
ObjectIdentity middleParentOid = new ObjectIdentityImpl(TARGET_CLASS, 101L);
|
||||
ObjectIdentity childOid = new ObjectIdentityImpl(TARGET_CLASS, 102L);
|
||||
|
||||
// Objects were put in cache
|
||||
this.strategy.readAclsById(Arrays.asList(topParentOid, middleParentOid, childOid), null);
|
||||
|
||||
// Let's empty the database to force acls retrieval from cache
|
||||
emptyDatabase();
|
||||
Map<ObjectIdentity, Acl> map = this.strategy
|
||||
.readAclsById(Arrays.asList(topParentOid, middleParentOid, childOid), null);
|
||||
|
||||
checkEntries(topParentOid, middleParentOid, childOid, map);
|
||||
}
|
||||
|
||||
@@ -175,7 +171,6 @@ public abstract class AbstractBasicLookupStrategyTests {
|
||||
ObjectIdentity topParentOid = new ObjectIdentityImpl(TARGET_CLASS, 100L);
|
||||
ObjectIdentity middleParentOid = new ObjectIdentityImpl(TARGET_CLASS, 101);
|
||||
ObjectIdentity childOid = new ObjectIdentityImpl(TARGET_CLASS, 102L);
|
||||
|
||||
// Set a batch size to allow multiple database queries in order to retrieve all
|
||||
// acls
|
||||
this.strategy.setBatchSize(1);
|
||||
@@ -187,31 +182,25 @@ public abstract class AbstractBasicLookupStrategyTests {
|
||||
private void checkEntries(ObjectIdentity topParentOid, ObjectIdentity middleParentOid, ObjectIdentity childOid,
|
||||
Map<ObjectIdentity, Acl> map) {
|
||||
assertThat(map).hasSize(3);
|
||||
|
||||
MutableAcl topParent = (MutableAcl) map.get(topParentOid);
|
||||
MutableAcl middleParent = (MutableAcl) map.get(middleParentOid);
|
||||
MutableAcl child = (MutableAcl) map.get(childOid);
|
||||
|
||||
// Check the retrieved versions has IDs
|
||||
assertThat(topParent.getId()).isNotNull();
|
||||
assertThat(middleParent.getId()).isNotNull();
|
||||
assertThat(child.getId()).isNotNull();
|
||||
|
||||
// Check their parents were correctly retrieved
|
||||
assertThat(topParent.getParentAcl()).isNull();
|
||||
assertThat(middleParent.getParentAcl().getObjectIdentity()).isEqualTo(topParentOid);
|
||||
assertThat(child.getParentAcl().getObjectIdentity()).isEqualTo(middleParentOid);
|
||||
|
||||
// Check their ACEs were correctly retrieved
|
||||
assertThat(topParent.getEntries()).hasSize(2);
|
||||
assertThat(middleParent.getEntries()).hasSize(1);
|
||||
assertThat(child.getEntries()).hasSize(1);
|
||||
|
||||
// Check object identities were correctly retrieved
|
||||
assertThat(topParent.getObjectIdentity()).isEqualTo(topParentOid);
|
||||
assertThat(middleParent.getObjectIdentity()).isEqualTo(middleParentOid);
|
||||
assertThat(child.getObjectIdentity()).isEqualTo(childOid);
|
||||
|
||||
// Check each entry
|
||||
assertThat(topParent.isEntriesInheriting()).isTrue();
|
||||
assertThat(Long.valueOf(1)).isEqualTo(topParent.getId());
|
||||
@@ -222,14 +211,12 @@ public abstract class AbstractBasicLookupStrategyTests {
|
||||
assertThat(((AuditableAccessControlEntry) topParent.getEntries().get(0)).isAuditFailure()).isFalse();
|
||||
assertThat(((AuditableAccessControlEntry) topParent.getEntries().get(0)).isAuditSuccess()).isFalse();
|
||||
assertThat((topParent.getEntries().get(0)).isGranting()).isTrue();
|
||||
|
||||
assertThat(Long.valueOf(2)).isEqualTo(topParent.getEntries().get(1).getId());
|
||||
assertThat(topParent.getEntries().get(1).getPermission()).isEqualTo(BasePermission.WRITE);
|
||||
assertThat(topParent.getEntries().get(1).getSid()).isEqualTo(new PrincipalSid("ben"));
|
||||
assertThat(((AuditableAccessControlEntry) topParent.getEntries().get(1)).isAuditFailure()).isFalse();
|
||||
assertThat(((AuditableAccessControlEntry) topParent.getEntries().get(1)).isAuditSuccess()).isFalse();
|
||||
assertThat(topParent.getEntries().get(1).isGranting()).isFalse();
|
||||
|
||||
assertThat(middleParent.isEntriesInheriting()).isTrue();
|
||||
assertThat(Long.valueOf(2)).isEqualTo(middleParent.getId());
|
||||
assertThat(new PrincipalSid("ben")).isEqualTo(middleParent.getOwner());
|
||||
@@ -239,7 +226,6 @@ public abstract class AbstractBasicLookupStrategyTests {
|
||||
assertThat(((AuditableAccessControlEntry) middleParent.getEntries().get(0)).isAuditFailure()).isFalse();
|
||||
assertThat(((AuditableAccessControlEntry) middleParent.getEntries().get(0)).isAuditSuccess()).isFalse();
|
||||
assertThat(middleParent.getEntries().get(0).isGranting()).isTrue();
|
||||
|
||||
assertThat(child.isEntriesInheriting()).isTrue();
|
||||
assertThat(Long.valueOf(3)).isEqualTo(child.getId());
|
||||
assertThat(new PrincipalSid("ben")).isEqualTo(child.getOwner());
|
||||
@@ -255,15 +241,12 @@ public abstract class AbstractBasicLookupStrategyTests {
|
||||
public void testAllParentsAreRetrievedWhenChildIsLoaded() {
|
||||
String query = "INSERT INTO acl_object_identity(ID,OBJECT_ID_CLASS,OBJECT_ID_IDENTITY,PARENT_OBJECT,OWNER_SID,ENTRIES_INHERITING) VALUES (6,2,103,1,1,1);";
|
||||
getJdbcTemplate().execute(query);
|
||||
|
||||
ObjectIdentity topParentOid = new ObjectIdentityImpl(TARGET_CLASS, 100L);
|
||||
ObjectIdentity middleParentOid = new ObjectIdentityImpl(TARGET_CLASS, 101L);
|
||||
ObjectIdentity childOid = new ObjectIdentityImpl(TARGET_CLASS, 102L);
|
||||
ObjectIdentity middleParent2Oid = new ObjectIdentityImpl(TARGET_CLASS, 103L);
|
||||
|
||||
// Retrieve the child
|
||||
Map<ObjectIdentity, Acl> map = this.strategy.readAclsById(Arrays.asList(childOid), null);
|
||||
|
||||
// Check that the child and all its parents were retrieved
|
||||
assertThat(map.get(childOid)).isNotNull();
|
||||
assertThat(map.get(childOid).getObjectIdentity()).isEqualTo(childOid);
|
||||
@@ -271,7 +254,6 @@ public abstract class AbstractBasicLookupStrategyTests {
|
||||
assertThat(map.get(middleParentOid).getObjectIdentity()).isEqualTo(middleParentOid);
|
||||
assertThat(map.get(topParentOid)).isNotNull();
|
||||
assertThat(map.get(topParentOid).getObjectIdentity()).isEqualTo(topParentOid);
|
||||
|
||||
// The second parent shouldn't have been retrieved
|
||||
assertThat(map.get(middleParent2Oid)).isNull();
|
||||
}
|
||||
@@ -287,26 +269,21 @@ public abstract class AbstractBasicLookupStrategyTests {
|
||||
+ "INSERT INTO acl_object_identity(ID,OBJECT_ID_CLASS,OBJECT_ID_IDENTITY,PARENT_OBJECT,OWNER_SID,ENTRIES_INHERITING) VALUES (9,2,108,7,1,1);"
|
||||
+ "INSERT INTO acl_entry(ID,ACL_OBJECT_IDENTITY,ACE_ORDER,SID,MASK,GRANTING,AUDIT_SUCCESS,AUDIT_FAILURE) VALUES (7,6,0,1,1,1,0,0)";
|
||||
getJdbcTemplate().execute(query);
|
||||
|
||||
ObjectIdentity grandParentOid = new ObjectIdentityImpl(TARGET_CLASS, 104L);
|
||||
ObjectIdentity parent1Oid = new ObjectIdentityImpl(TARGET_CLASS, 105L);
|
||||
ObjectIdentity parent2Oid = new ObjectIdentityImpl(TARGET_CLASS, 106);
|
||||
ObjectIdentity childOid = new ObjectIdentityImpl(TARGET_CLASS, 107);
|
||||
|
||||
// First lookup only child, thus populating the cache with grandParent,
|
||||
// parent1
|
||||
// and child
|
||||
List<Permission> checkPermission = Arrays.asList(BasePermission.READ);
|
||||
List<Sid> sids = Arrays.asList(BEN_SID);
|
||||
List<ObjectIdentity> childOids = Arrays.asList(childOid);
|
||||
|
||||
this.strategy.setBatchSize(6);
|
||||
Map<ObjectIdentity, Acl> foundAcls = this.strategy.readAclsById(childOids, sids);
|
||||
|
||||
Acl foundChildAcl = foundAcls.get(childOid);
|
||||
assertThat(foundChildAcl).isNotNull();
|
||||
assertThat(foundChildAcl.isGranted(checkPermission, sids, false)).isTrue();
|
||||
|
||||
// Search for object identities has to be done in the following order:
|
||||
// last
|
||||
// element have to be one which
|
||||
@@ -315,12 +292,10 @@ public abstract class AbstractBasicLookupStrategyTests {
|
||||
List<ObjectIdentity> allOids = Arrays.asList(grandParentOid, parent1Oid, parent2Oid, childOid);
|
||||
try {
|
||||
foundAcls = this.strategy.readAclsById(allOids, sids);
|
||||
|
||||
}
|
||||
catch (NotFoundException notExpected) {
|
||||
fail("It shouldn't have thrown NotFoundException");
|
||||
}
|
||||
|
||||
Acl foundParent2Acl = foundAcls.get(parent2Oid);
|
||||
assertThat(foundParent2Acl).isNotNull();
|
||||
assertThat(foundParent2Acl.isGranted(checkPermission, sids, false)).isTrue();
|
||||
@@ -329,18 +304,14 @@ public abstract class AbstractBasicLookupStrategyTests {
|
||||
@Test(expected = IllegalArgumentException.class)
|
||||
public void nullOwnerIsNotSupported() {
|
||||
String query = "INSERT INTO acl_object_identity(ID,OBJECT_ID_CLASS,OBJECT_ID_IDENTITY,PARENT_OBJECT,OWNER_SID,ENTRIES_INHERITING) VALUES (6,2,104,null,null,1);";
|
||||
|
||||
getJdbcTemplate().execute(query);
|
||||
|
||||
ObjectIdentity oid = new ObjectIdentityImpl(TARGET_CLASS, 104L);
|
||||
|
||||
this.strategy.readAclsById(Arrays.asList(oid), Arrays.asList(BEN_SID));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void testCreatePrincipalSid() {
|
||||
Sid result = this.strategy.createSid(true, "sid");
|
||||
|
||||
assertThat(result.getClass()).isEqualTo(PrincipalSid.class);
|
||||
assertThat(((PrincipalSid) result).getPrincipal()).isEqualTo("sid");
|
||||
}
|
||||
@@ -348,7 +319,6 @@ public abstract class AbstractBasicLookupStrategyTests {
|
||||
@Test
|
||||
public void testCreateGrantedAuthority() {
|
||||
Sid result = this.strategy.createSid(false, "sid");
|
||||
|
||||
assertThat(result.getClass()).isEqualTo(GrantedAuthoritySid.class);
|
||||
assertThat(((GrantedAuthoritySid) result).getGrantedAuthority()).isEqualTo("sid");
|
||||
}
|
||||
|
||||
-2
@@ -58,12 +58,10 @@ public class BasicLookupStrategyTestsDbHelper {
|
||||
else {
|
||||
connectionUrl = "jdbc:hsqldb:mem:lookupstrategytestWithAclClassIdType";
|
||||
sqlClassPathResource = ACL_SCHEMA_SQL_FILE_WITH_ACL_CLASS_ID;
|
||||
|
||||
}
|
||||
this.dataSource = new SingleConnectionDataSource(connectionUrl, "sa", "", true);
|
||||
this.dataSource.setDriverClassName("org.hsqldb.jdbcDriver");
|
||||
this.jdbcTemplate = new JdbcTemplate(this.dataSource);
|
||||
|
||||
Resource resource = new ClassPathResource(sqlClassPathResource);
|
||||
String sql = new String(FileCopyUtils.copyToByteArray(resource.getInputStream()));
|
||||
this.jdbcTemplate.execute(sql);
|
||||
|
||||
@@ -35,7 +35,6 @@ public class DatabaseSeeder {
|
||||
public DatabaseSeeder(DataSource dataSource, Resource resource) throws IOException {
|
||||
Assert.notNull(dataSource, "dataSource required");
|
||||
Assert.notNull(resource, "resource required");
|
||||
|
||||
JdbcTemplate template = new JdbcTemplate(dataSource);
|
||||
String sql = new String(FileCopyUtils.copyToByteArray(resource.getInputStream()));
|
||||
template.execute(sql);
|
||||
|
||||
-34
@@ -82,12 +82,10 @@ public class EhCacheBasedAclCacheTests {
|
||||
this.myCache = new EhCacheBasedAclCache(this.cache,
|
||||
new DefaultPermissionGrantingStrategy(new ConsoleAuditLogger()),
|
||||
new AclAuthorizationStrategyImpl(new SimpleGrantedAuthority("ROLE_USER")));
|
||||
|
||||
ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, 100L);
|
||||
AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(
|
||||
new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"),
|
||||
new SimpleGrantedAuthority("ROLE_GENERAL"));
|
||||
|
||||
this.acl = new AclImpl(identity, 1L, aclAuthorizationStrategy, new ConsoleAuditLogger());
|
||||
}
|
||||
|
||||
@@ -111,7 +109,6 @@ public class EhCacheBasedAclCacheTests {
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
}
|
||||
|
||||
try {
|
||||
ObjectIdentity obj = null;
|
||||
this.myCache.evictFromCache(obj);
|
||||
@@ -119,7 +116,6 @@ public class EhCacheBasedAclCacheTests {
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
}
|
||||
|
||||
try {
|
||||
Serializable id = null;
|
||||
this.myCache.getFromCache(id);
|
||||
@@ -127,7 +123,6 @@ public class EhCacheBasedAclCacheTests {
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
}
|
||||
|
||||
try {
|
||||
ObjectIdentity obj = null;
|
||||
this.myCache.getFromCache(obj);
|
||||
@@ -135,7 +130,6 @@ public class EhCacheBasedAclCacheTests {
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
}
|
||||
|
||||
try {
|
||||
MutableAcl acl = null;
|
||||
this.myCache.putInCache(acl);
|
||||
@@ -154,17 +148,13 @@ public class EhCacheBasedAclCacheTests {
|
||||
ObjectOutputStream oos = new ObjectOutputStream(fos);
|
||||
oos.writeObject(this.acl);
|
||||
oos.close();
|
||||
|
||||
FileInputStream fis = new FileInputStream(file);
|
||||
ObjectInputStream ois = new ObjectInputStream(fis);
|
||||
MutableAcl retrieved = (MutableAcl) ois.readObject();
|
||||
ois.close();
|
||||
|
||||
assertThat(retrieved).isEqualTo(this.acl);
|
||||
|
||||
Object retrieved1 = FieldUtils.getProtectedFieldValue("aclAuthorizationStrategy", retrieved);
|
||||
assertThat(retrieved1).isNull();
|
||||
|
||||
Object retrieved2 = FieldUtils.getProtectedFieldValue("permissionGrantingStrategy", retrieved);
|
||||
assertThat(retrieved2).isNull();
|
||||
}
|
||||
@@ -172,14 +162,12 @@ public class EhCacheBasedAclCacheTests {
|
||||
@Test
|
||||
public void clearCache() {
|
||||
this.myCache.clearCache();
|
||||
|
||||
verify(this.cache).removeAll();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void putInCache() {
|
||||
this.myCache.putInCache(this.acl);
|
||||
|
||||
verify(this.cache, times(2)).put(this.element.capture());
|
||||
assertThat(this.element.getValue().getKey()).isEqualTo(this.acl.getId());
|
||||
assertThat(this.element.getValue().getObjectValue()).isEqualTo(this.acl);
|
||||
@@ -192,29 +180,21 @@ public class EhCacheBasedAclCacheTests {
|
||||
Authentication auth = new TestingAuthenticationToken("user", "password", "ROLE_GENERAL");
|
||||
auth.setAuthenticated(true);
|
||||
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||
|
||||
ObjectIdentity identityParent = new ObjectIdentityImpl(TARGET_CLASS, 2L);
|
||||
AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(
|
||||
new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"),
|
||||
new SimpleGrantedAuthority("ROLE_GENERAL"));
|
||||
MutableAcl parentAcl = new AclImpl(identityParent, 2L, aclAuthorizationStrategy, new ConsoleAuditLogger());
|
||||
this.acl.setParent(parentAcl);
|
||||
|
||||
this.myCache.putInCache(this.acl);
|
||||
|
||||
verify(this.cache, times(4)).put(this.element.capture());
|
||||
|
||||
List<Element> allValues = this.element.getAllValues();
|
||||
|
||||
assertThat(allValues.get(0).getKey()).isEqualTo(parentAcl.getObjectIdentity());
|
||||
assertThat(allValues.get(0).getObjectValue()).isEqualTo(parentAcl);
|
||||
|
||||
assertThat(allValues.get(1).getKey()).isEqualTo(parentAcl.getId());
|
||||
assertThat(allValues.get(1).getObjectValue()).isEqualTo(parentAcl);
|
||||
|
||||
assertThat(allValues.get(2).getKey()).isEqualTo(this.acl.getObjectIdentity());
|
||||
assertThat(allValues.get(2).getObjectValue()).isEqualTo(this.acl);
|
||||
|
||||
assertThat(allValues.get(3).getKey()).isEqualTo(this.acl.getId());
|
||||
assertThat(allValues.get(3).getObjectValue()).isEqualTo(this.acl);
|
||||
}
|
||||
@@ -222,21 +202,16 @@ public class EhCacheBasedAclCacheTests {
|
||||
@Test
|
||||
public void getFromCacheSerializable() {
|
||||
given(this.cache.get(this.acl.getId())).willReturn(new Element(this.acl.getId(), this.acl));
|
||||
|
||||
assertThat(this.myCache.getFromCache(this.acl.getId())).isEqualTo(this.acl);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void getFromCacheSerializablePopulatesTransient() {
|
||||
given(this.cache.get(this.acl.getId())).willReturn(new Element(this.acl.getId(), this.acl));
|
||||
|
||||
this.myCache.putInCache(this.acl);
|
||||
|
||||
ReflectionTestUtils.setField(this.acl, "permissionGrantingStrategy", null);
|
||||
ReflectionTestUtils.setField(this.acl, "aclAuthorizationStrategy", null);
|
||||
|
||||
MutableAcl fromCache = this.myCache.getFromCache(this.acl.getId());
|
||||
|
||||
assertThat(ReflectionTestUtils.getField(fromCache, "aclAuthorizationStrategy")).isNotNull();
|
||||
assertThat(ReflectionTestUtils.getField(fromCache, "permissionGrantingStrategy")).isNotNull();
|
||||
}
|
||||
@@ -244,21 +219,16 @@ public class EhCacheBasedAclCacheTests {
|
||||
@Test
|
||||
public void getFromCacheObjectIdentity() {
|
||||
given(this.cache.get(this.acl.getId())).willReturn(new Element(this.acl.getId(), this.acl));
|
||||
|
||||
assertThat(this.myCache.getFromCache(this.acl.getId())).isEqualTo(this.acl);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void getFromCacheObjectIdentityPopulatesTransient() {
|
||||
given(this.cache.get(this.acl.getObjectIdentity())).willReturn(new Element(this.acl.getId(), this.acl));
|
||||
|
||||
this.myCache.putInCache(this.acl);
|
||||
|
||||
ReflectionTestUtils.setField(this.acl, "permissionGrantingStrategy", null);
|
||||
ReflectionTestUtils.setField(this.acl, "aclAuthorizationStrategy", null);
|
||||
|
||||
MutableAcl fromCache = this.myCache.getFromCache(this.acl.getObjectIdentity());
|
||||
|
||||
assertThat(ReflectionTestUtils.getField(fromCache, "aclAuthorizationStrategy")).isNotNull();
|
||||
assertThat(ReflectionTestUtils.getField(fromCache, "permissionGrantingStrategy")).isNotNull();
|
||||
}
|
||||
@@ -266,9 +236,7 @@ public class EhCacheBasedAclCacheTests {
|
||||
@Test
|
||||
public void evictCacheSerializable() {
|
||||
given(this.cache.get(this.acl.getObjectIdentity())).willReturn(new Element(this.acl.getId(), this.acl));
|
||||
|
||||
this.myCache.evictFromCache(this.acl.getObjectIdentity());
|
||||
|
||||
verify(this.cache).remove(this.acl.getId());
|
||||
verify(this.cache).remove(this.acl.getObjectIdentity());
|
||||
}
|
||||
@@ -276,9 +244,7 @@ public class EhCacheBasedAclCacheTests {
|
||||
@Test
|
||||
public void evictCacheObjectIdentity() {
|
||||
given(this.cache.get(this.acl.getId())).willReturn(new Element(this.acl.getId(), this.acl));
|
||||
|
||||
this.myCache.evictFromCache(this.acl.getId());
|
||||
|
||||
verify(this.cache).remove(this.acl.getId());
|
||||
verify(this.cache).remove(this.acl.getObjectIdentity());
|
||||
}
|
||||
|
||||
@@ -97,7 +97,6 @@ public class JdbcAclServiceTests {
|
||||
given(this.lookupStrategy.readAclsById(anyList(), anyList())).willReturn(result);
|
||||
ObjectIdentity objectIdentity = new ObjectIdentityImpl(Object.class, 1);
|
||||
List<Sid> sids = Arrays.<Sid>asList(new PrincipalSid("user"));
|
||||
|
||||
this.aclService.readAclById(objectIdentity, sids);
|
||||
}
|
||||
|
||||
@@ -108,7 +107,6 @@ public class JdbcAclServiceTests {
|
||||
Object[] args = { "1", "org.springframework.security.acls.jdbc.JdbcAclServiceTests$MockLongIdDomainObject" };
|
||||
given(this.jdbcOperations.query(anyString(), eq(args), any(RowMapper.class))).willReturn(result);
|
||||
ObjectIdentity objectIdentity = new ObjectIdentityImpl(MockLongIdDomainObject.class, 1L);
|
||||
|
||||
List<ObjectIdentity> objectIdentities = this.aclService.findChildren(objectIdentity);
|
||||
assertThat(objectIdentities.size()).isEqualTo(1);
|
||||
assertThat(objectIdentities.get(0).getIdentifier()).isEqualTo("5577");
|
||||
@@ -117,7 +115,6 @@ public class JdbcAclServiceTests {
|
||||
@Test
|
||||
public void findNoChildren() {
|
||||
ObjectIdentity objectIdentity = new ObjectIdentityImpl(MockLongIdDomainObject.class, 1L);
|
||||
|
||||
List<ObjectIdentity> objectIdentities = this.aclService.findChildren(objectIdentity);
|
||||
assertThat(objectIdentities).isNull();
|
||||
}
|
||||
@@ -125,7 +122,6 @@ public class JdbcAclServiceTests {
|
||||
@Test
|
||||
public void findChildrenWithoutIdType() {
|
||||
ObjectIdentity objectIdentity = new ObjectIdentityImpl(MockLongIdDomainObject.class, 4711L);
|
||||
|
||||
List<ObjectIdentity> objectIdentities = this.aclServiceIntegration.findChildren(objectIdentity);
|
||||
assertThat(objectIdentities.size()).isEqualTo(1);
|
||||
assertThat(objectIdentities.get(0).getType()).isEqualTo(MockUntypedIdDomainObject.class.getName());
|
||||
@@ -135,7 +131,6 @@ public class JdbcAclServiceTests {
|
||||
@Test
|
||||
public void findChildrenForUnknownObject() {
|
||||
ObjectIdentity objectIdentity = new ObjectIdentityImpl(Object.class, 33);
|
||||
|
||||
List<ObjectIdentity> objectIdentities = this.aclServiceIntegration.findChildren(objectIdentity);
|
||||
assertThat(objectIdentities).isNull();
|
||||
}
|
||||
@@ -143,7 +138,6 @@ public class JdbcAclServiceTests {
|
||||
@Test
|
||||
public void findChildrenOfIdTypeLong() {
|
||||
ObjectIdentity objectIdentity = new ObjectIdentityImpl("location", "US-PAL");
|
||||
|
||||
List<ObjectIdentity> objectIdentities = this.aclServiceIntegration.findChildren(objectIdentity);
|
||||
assertThat(objectIdentities.size()).isEqualTo(2);
|
||||
assertThat(objectIdentities.get(0).getType()).isEqualTo(MockLongIdDomainObject.class.getName());
|
||||
@@ -155,7 +149,6 @@ public class JdbcAclServiceTests {
|
||||
@Test
|
||||
public void findChildrenOfIdTypeString() {
|
||||
ObjectIdentity objectIdentity = new ObjectIdentityImpl("location", "US");
|
||||
|
||||
this.aclServiceIntegration.setAclClassIdSupported(true);
|
||||
List<ObjectIdentity> objectIdentities = this.aclServiceIntegration.findChildren(objectIdentity);
|
||||
assertThat(objectIdentities.size()).isEqualTo(1);
|
||||
@@ -166,7 +159,6 @@ public class JdbcAclServiceTests {
|
||||
@Test
|
||||
public void findChildrenOfIdTypeUUID() {
|
||||
ObjectIdentity objectIdentity = new ObjectIdentityImpl(MockUntypedIdDomainObject.class, 5000L);
|
||||
|
||||
this.aclServiceIntegration.setAclClassIdSupported(true);
|
||||
List<ObjectIdentity> objectIdentities = this.aclServiceIntegration.findChildren(objectIdentity);
|
||||
assertThat(objectIdentities.size()).isEqualTo(1);
|
||||
|
||||
-63
@@ -142,123 +142,97 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
|
||||
@Transactional
|
||||
public void testLifecycle() {
|
||||
SecurityContextHolder.getContext().setAuthentication(this.auth);
|
||||
|
||||
MutableAcl topParent = this.jdbcMutableAclService.createAcl(getTopParentOid());
|
||||
MutableAcl middleParent = this.jdbcMutableAclService.createAcl(getMiddleParentOid());
|
||||
MutableAcl child = this.jdbcMutableAclService.createAcl(getChildOid());
|
||||
|
||||
// Specify the inheritance hierarchy
|
||||
middleParent.setParent(topParent);
|
||||
child.setParent(middleParent);
|
||||
|
||||
// Now let's add a couple of permissions
|
||||
topParent.insertAce(0, BasePermission.READ, new PrincipalSid(this.auth), true);
|
||||
topParent.insertAce(1, BasePermission.WRITE, new PrincipalSid(this.auth), false);
|
||||
middleParent.insertAce(0, BasePermission.DELETE, new PrincipalSid(this.auth), true);
|
||||
child.insertAce(0, BasePermission.DELETE, new PrincipalSid(this.auth), false);
|
||||
|
||||
// Explicitly save the changed ACL
|
||||
this.jdbcMutableAclService.updateAcl(topParent);
|
||||
this.jdbcMutableAclService.updateAcl(middleParent);
|
||||
this.jdbcMutableAclService.updateAcl(child);
|
||||
|
||||
// Let's check if we can read them back correctly
|
||||
Map<ObjectIdentity, Acl> map = this.jdbcMutableAclService
|
||||
.readAclsById(Arrays.asList(getTopParentOid(), getMiddleParentOid(), getChildOid()));
|
||||
assertThat(map).hasSize(3);
|
||||
|
||||
// Replace our current objects with their retrieved versions
|
||||
topParent = (MutableAcl) map.get(getTopParentOid());
|
||||
middleParent = (MutableAcl) map.get(getMiddleParentOid());
|
||||
child = (MutableAcl) map.get(getChildOid());
|
||||
|
||||
// Check the retrieved versions has IDs
|
||||
assertThat(topParent.getId()).isNotNull();
|
||||
assertThat(middleParent.getId()).isNotNull();
|
||||
assertThat(child.getId()).isNotNull();
|
||||
|
||||
// Check their parents were correctly persisted
|
||||
assertThat(topParent.getParentAcl()).isNull();
|
||||
assertThat(middleParent.getParentAcl().getObjectIdentity()).isEqualTo(getTopParentOid());
|
||||
assertThat(child.getParentAcl().getObjectIdentity()).isEqualTo(getMiddleParentOid());
|
||||
|
||||
// Check their ACEs were correctly persisted
|
||||
assertThat(topParent.getEntries()).hasSize(2);
|
||||
assertThat(middleParent.getEntries()).hasSize(1);
|
||||
assertThat(child.getEntries()).hasSize(1);
|
||||
|
||||
// Check the retrieved rights are correct
|
||||
List<Permission> read = Arrays.asList(BasePermission.READ);
|
||||
List<Permission> write = Arrays.asList(BasePermission.WRITE);
|
||||
List<Permission> delete = Arrays.asList(BasePermission.DELETE);
|
||||
List<Sid> pSid = Arrays.asList((Sid) new PrincipalSid(this.auth));
|
||||
|
||||
assertThat(topParent.isGranted(read, pSid, false)).isTrue();
|
||||
assertThat(topParent.isGranted(write, pSid, false)).isFalse();
|
||||
assertThat(middleParent.isGranted(delete, pSid, false)).isTrue();
|
||||
assertThat(child.isGranted(delete, pSid, false)).isFalse();
|
||||
|
||||
try {
|
||||
child.isGranted(Arrays.asList(BasePermission.ADMINISTRATION), pSid, false);
|
||||
fail("Should have thrown NotFoundException");
|
||||
}
|
||||
catch (NotFoundException expected) {
|
||||
|
||||
}
|
||||
|
||||
// Now check the inherited rights (when not explicitly overridden) also look OK
|
||||
assertThat(child.isGranted(read, pSid, false)).isTrue();
|
||||
assertThat(child.isGranted(write, pSid, false)).isFalse();
|
||||
assertThat(child.isGranted(delete, pSid, false)).isFalse();
|
||||
|
||||
// Next change the child so it doesn't inherit permissions from above
|
||||
child.setEntriesInheriting(false);
|
||||
this.jdbcMutableAclService.updateAcl(child);
|
||||
child = (MutableAcl) this.jdbcMutableAclService.readAclById(getChildOid());
|
||||
assertThat(child.isEntriesInheriting()).isFalse();
|
||||
|
||||
// Check the child permissions no longer inherit
|
||||
assertThat(child.isGranted(delete, pSid, true)).isFalse();
|
||||
|
||||
try {
|
||||
child.isGranted(read, pSid, true);
|
||||
fail("Should have thrown NotFoundException");
|
||||
}
|
||||
catch (NotFoundException expected) {
|
||||
|
||||
}
|
||||
|
||||
try {
|
||||
child.isGranted(write, pSid, true);
|
||||
fail("Should have thrown NotFoundException");
|
||||
}
|
||||
catch (NotFoundException expected) {
|
||||
|
||||
}
|
||||
|
||||
// Let's add an identical permission to the child, but it'll appear AFTER the
|
||||
// current permission, so has no impact
|
||||
child.insertAce(1, BasePermission.DELETE, new PrincipalSid(this.auth), true);
|
||||
|
||||
// Let's also add another permission to the child
|
||||
child.insertAce(2, BasePermission.CREATE, new PrincipalSid(this.auth), true);
|
||||
|
||||
// Save the changed child
|
||||
this.jdbcMutableAclService.updateAcl(child);
|
||||
child = (MutableAcl) this.jdbcMutableAclService.readAclById(getChildOid());
|
||||
assertThat(child.getEntries()).hasSize(3);
|
||||
|
||||
// Output permissions
|
||||
for (int i = 0; i < child.getEntries().size(); i++) {
|
||||
System.out.println(child.getEntries().get(i));
|
||||
}
|
||||
|
||||
// Check the permissions are as they should be
|
||||
assertThat(child.isGranted(delete, pSid, true)).isFalse(); // as earlier
|
||||
// permission
|
||||
// overrode
|
||||
assertThat(child.isGranted(Arrays.asList(BasePermission.CREATE), pSid, true)).isTrue();
|
||||
|
||||
// Now check the first ACE (index 0) really is DELETE for our Sid and is
|
||||
// non-granting
|
||||
AccessControlEntry entry = child.getEntries().get(0);
|
||||
@@ -266,15 +240,12 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
|
||||
assertThat(entry.getSid()).isEqualTo(new PrincipalSid(this.auth));
|
||||
assertThat(entry.isGranting()).isFalse();
|
||||
assertThat(entry.getId()).isNotNull();
|
||||
|
||||
// Now delete that first ACE
|
||||
child.deleteAce(0);
|
||||
|
||||
// Save and check it worked
|
||||
child = this.jdbcMutableAclService.updateAcl(child);
|
||||
assertThat(child.getEntries()).hasSize(2);
|
||||
assertThat(child.isGranted(delete, pSid, false)).isTrue();
|
||||
|
||||
SecurityContextHolder.clearContext();
|
||||
}
|
||||
|
||||
@@ -285,7 +256,6 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
|
||||
@Transactional
|
||||
public void deleteAclAlsoDeletesChildren() {
|
||||
SecurityContextHolder.getContext().setAuthentication(this.auth);
|
||||
|
||||
this.jdbcMutableAclService.createAcl(getTopParentOid());
|
||||
MutableAcl middleParent = this.jdbcMutableAclService.createAcl(getMiddleParentOid());
|
||||
MutableAcl child = this.jdbcMutableAclService.createAcl(getChildOid());
|
||||
@@ -294,27 +264,21 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
|
||||
this.jdbcMutableAclService.updateAcl(child);
|
||||
// Check the childOid really is a child of middleParentOid
|
||||
Acl childAcl = this.jdbcMutableAclService.readAclById(getChildOid());
|
||||
|
||||
assertThat(childAcl.getParentAcl().getObjectIdentity()).isEqualTo(getMiddleParentOid());
|
||||
|
||||
// Delete the mid-parent and test if the child was deleted, as well
|
||||
this.jdbcMutableAclService.deleteAcl(getMiddleParentOid(), true);
|
||||
|
||||
try {
|
||||
this.jdbcMutableAclService.readAclById(getMiddleParentOid());
|
||||
fail("It should have thrown NotFoundException");
|
||||
}
|
||||
catch (NotFoundException expected) {
|
||||
|
||||
}
|
||||
try {
|
||||
this.jdbcMutableAclService.readAclById(getChildOid());
|
||||
fail("It should have thrown NotFoundException");
|
||||
}
|
||||
catch (NotFoundException expected) {
|
||||
|
||||
}
|
||||
|
||||
Acl acl = this.jdbcMutableAclService.readAclById(getTopParentOid());
|
||||
assertThat(acl).isNotNull();
|
||||
assertThat(getTopParentOid()).isEqualTo(acl.getObjectIdentity());
|
||||
@@ -328,14 +292,12 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
}
|
||||
|
||||
try {
|
||||
new JdbcMutableAclService(this.dataSource, null, this.aclCache);
|
||||
fail("It should have thrown IllegalArgumentException");
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
}
|
||||
|
||||
try {
|
||||
new JdbcMutableAclService(this.dataSource, this.lookupStrategy, null);
|
||||
fail("It should have thrown IllegalArgumentException");
|
||||
@@ -386,11 +348,9 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
|
||||
SecurityContextHolder.getContext().setAuthentication(this.auth);
|
||||
MutableAcl parent = this.jdbcMutableAclService.createAcl(getTopParentOid());
|
||||
MutableAcl child = this.jdbcMutableAclService.createAcl(getMiddleParentOid());
|
||||
|
||||
// Specify the inheritance hierarchy
|
||||
child.setParent(parent);
|
||||
this.jdbcMutableAclService.updateAcl(child);
|
||||
|
||||
try {
|
||||
this.jdbcMutableAclService.setForeignKeysInDatabase(false); // switch on FK
|
||||
// checking in the
|
||||
@@ -413,13 +373,11 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
|
||||
MutableAcl child = this.jdbcMutableAclService.createAcl(getChildOid());
|
||||
child.insertAce(0, BasePermission.DELETE, new PrincipalSid(this.auth), false);
|
||||
this.jdbcMutableAclService.updateAcl(child);
|
||||
|
||||
// Remove the child and check all related database rows were removed accordingly
|
||||
this.jdbcMutableAclService.deleteAcl(getChildOid(), false);
|
||||
assertThat(this.jdbcTemplate.queryForList(SELECT_ALL_CLASSES, new Object[] { getTargetClass() })).hasSize(1);
|
||||
assertThat(this.jdbcTemplate.queryForList("select * from acl_object_identity")).isEmpty();
|
||||
assertThat(this.jdbcTemplate.queryForList("select * from acl_entry")).isEmpty();
|
||||
|
||||
// Check the cache
|
||||
assertThat(this.aclCache.getFromCache(getChildOid())).isNull();
|
||||
assertThat(this.aclCache.getFromCache(102L)).isNull();
|
||||
@@ -432,7 +390,6 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
|
||||
SecurityContextHolder.getContext().setAuthentication(this.auth);
|
||||
ObjectIdentity oid = new ObjectIdentityImpl(TARGET_CLASS, 101);
|
||||
this.jdbcMutableAclService.createAcl(oid);
|
||||
|
||||
assertThat(this.jdbcMutableAclService.readAclById(new ObjectIdentityImpl(TARGET_CLASS, 101L))).isNotNull();
|
||||
}
|
||||
|
||||
@@ -445,27 +402,20 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
|
||||
Authentication auth = new TestingAuthenticationToken("ben", "ignored", "ROLE_ADMINISTRATOR");
|
||||
auth.setAuthenticated(true);
|
||||
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||
|
||||
ObjectIdentity parentOid = new ObjectIdentityImpl(TARGET_CLASS, 104L);
|
||||
ObjectIdentity childOid = new ObjectIdentityImpl(TARGET_CLASS, 105L);
|
||||
|
||||
MutableAcl parent = this.jdbcMutableAclService.createAcl(parentOid);
|
||||
MutableAcl child = this.jdbcMutableAclService.createAcl(childOid);
|
||||
|
||||
child.setParent(parent);
|
||||
this.jdbcMutableAclService.updateAcl(child);
|
||||
|
||||
parent = (AclImpl) this.jdbcMutableAclService.readAclById(parentOid);
|
||||
parent.insertAce(0, BasePermission.READ, new PrincipalSid("ben"), true);
|
||||
this.jdbcMutableAclService.updateAcl(parent);
|
||||
|
||||
parent = (AclImpl) this.jdbcMutableAclService.readAclById(parentOid);
|
||||
parent.insertAce(1, BasePermission.READ, new PrincipalSid("scott"), true);
|
||||
this.jdbcMutableAclService.updateAcl(parent);
|
||||
|
||||
child = (MutableAcl) this.jdbcMutableAclService.readAclById(childOid);
|
||||
parent = (MutableAcl) child.getParentAcl();
|
||||
|
||||
assertThat(parent.getEntries()).hasSize(2)
|
||||
.withFailMessage("Fails because child has a stale reference to its parent");
|
||||
assertThat(parent.getEntries().get(0).getPermission().getMask()).isEqualTo(1);
|
||||
@@ -483,22 +433,16 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
|
||||
Authentication auth = new TestingAuthenticationToken("system", "secret", "ROLE_IGNORED");
|
||||
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||
ObjectIdentityImpl rootObject = new ObjectIdentityImpl(TARGET_CLASS, 1L);
|
||||
|
||||
MutableAcl parent = this.jdbcMutableAclService.createAcl(rootObject);
|
||||
MutableAcl child = this.jdbcMutableAclService.createAcl(new ObjectIdentityImpl(TARGET_CLASS, 2L));
|
||||
child.setParent(parent);
|
||||
this.jdbcMutableAclService.updateAcl(child);
|
||||
|
||||
parent.insertAce(0, BasePermission.ADMINISTRATION, new GrantedAuthoritySid("ROLE_ADMINISTRATOR"), true);
|
||||
this.jdbcMutableAclService.updateAcl(parent);
|
||||
|
||||
parent.insertAce(1, BasePermission.DELETE, new PrincipalSid("terry"), true);
|
||||
this.jdbcMutableAclService.updateAcl(parent);
|
||||
|
||||
child = (MutableAcl) this.jdbcMutableAclService.readAclById(new ObjectIdentityImpl(TARGET_CLASS, 2L));
|
||||
|
||||
parent = (MutableAcl) child.getParentAcl();
|
||||
|
||||
assertThat(parent.getEntries()).hasSize(2);
|
||||
assertThat(parent.getEntries().get(0).getPermission().getMask()).isEqualTo(16);
|
||||
assertThat(parent.getEntries().get(0).getSid()).isEqualTo(new GrantedAuthoritySid("ROLE_ADMINISTRATOR"));
|
||||
@@ -512,24 +456,19 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
|
||||
Authentication auth = new TestingAuthenticationToken("ben", "ignored", "ROLE_ADMINISTRATOR");
|
||||
auth.setAuthenticated(true);
|
||||
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||
|
||||
ObjectIdentity topParentOid = new ObjectIdentityImpl(TARGET_CLASS, 110L);
|
||||
MutableAcl topParent = this.jdbcMutableAclService.createAcl(topParentOid);
|
||||
|
||||
// Add an ACE permission entry
|
||||
Permission cm = new CumulativePermission().set(BasePermission.READ).set(BasePermission.ADMINISTRATION);
|
||||
assertThat(cm.getMask()).isEqualTo(17);
|
||||
Sid benSid = new PrincipalSid(auth);
|
||||
topParent.insertAce(0, cm, benSid, true);
|
||||
assertThat(topParent.getEntries()).hasSize(1);
|
||||
|
||||
// Explicitly save the changed ACL
|
||||
topParent = this.jdbcMutableAclService.updateAcl(topParent);
|
||||
|
||||
// Check the mask was retrieved correctly
|
||||
assertThat(topParent.getEntries().get(0).getPermission().getMask()).isEqualTo(17);
|
||||
assertThat(topParent.isGranted(Arrays.asList(cm), Arrays.asList(benSid), true)).isTrue();
|
||||
|
||||
SecurityContextHolder.clearContext();
|
||||
}
|
||||
|
||||
@@ -539,9 +478,7 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
|
||||
new CustomJdbcMutableAclService(this.dataSource, this.lookupStrategy, this.aclCache));
|
||||
CustomSid customSid = new CustomSid("Custom sid");
|
||||
given(customJdbcMutableAclService.createOrRetrieveSidPrimaryKey("Custom sid", false, false)).willReturn(1L);
|
||||
|
||||
Long result = customJdbcMutableAclService.createOrRetrieveSidPrimaryKey(customSid, false);
|
||||
|
||||
assertThat(new Long(1L)).isEqualTo(result);
|
||||
}
|
||||
|
||||
|
||||
-2
@@ -75,11 +75,9 @@ public class JdbcMutableAclServiceTestsWithAclClassId extends JdbcMutableAclServ
|
||||
@Transactional
|
||||
public void identityWithUuidIdIsSupportedByCreateAcl() {
|
||||
SecurityContextHolder.getContext().setAuthentication(getAuth());
|
||||
|
||||
UUID id = UUID.randomUUID();
|
||||
ObjectIdentity oid = new ObjectIdentityImpl(TARGET_CLASS_WITH_UUID, id);
|
||||
getJdbcMutableAclService().createAcl(oid);
|
||||
|
||||
assertThat(getJdbcMutableAclService().readAclById(new ObjectIdentityImpl(TARGET_CLASS_WITH_UUID, id)))
|
||||
.isNotNull();
|
||||
}
|
||||
|
||||
-16
@@ -89,37 +89,28 @@ public class SpringCacheBasedAclCacheTests {
|
||||
new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"),
|
||||
new SimpleGrantedAuthority("ROLE_GENERAL"));
|
||||
AuditLogger auditLogger = new ConsoleAuditLogger();
|
||||
|
||||
PermissionGrantingStrategy permissionGrantingStrategy = new DefaultPermissionGrantingStrategy(auditLogger);
|
||||
SpringCacheBasedAclCache myCache = new SpringCacheBasedAclCache(cache, permissionGrantingStrategy,
|
||||
aclAuthorizationStrategy);
|
||||
MutableAcl acl = new AclImpl(identity, 1L, aclAuthorizationStrategy, auditLogger);
|
||||
|
||||
assertThat(realCache).isEmpty();
|
||||
myCache.putInCache(acl);
|
||||
|
||||
// Check we can get from cache the same objects we put in
|
||||
assertThat(acl).isEqualTo(myCache.getFromCache(1L));
|
||||
assertThat(acl).isEqualTo(myCache.getFromCache(identity));
|
||||
|
||||
// Put another object in cache
|
||||
ObjectIdentity identity2 = new ObjectIdentityImpl(TARGET_CLASS, 101L);
|
||||
MutableAcl acl2 = new AclImpl(identity2, 2L, aclAuthorizationStrategy, new ConsoleAuditLogger());
|
||||
|
||||
myCache.putInCache(acl2);
|
||||
|
||||
// Try to evict an entry that doesn't exist
|
||||
myCache.evictFromCache(3L);
|
||||
myCache.evictFromCache(new ObjectIdentityImpl(TARGET_CLASS, 102L));
|
||||
assertThat(realCache).hasSize(4);
|
||||
|
||||
myCache.evictFromCache(1L);
|
||||
assertThat(realCache).hasSize(2);
|
||||
|
||||
// Check the second object inserted
|
||||
assertThat(acl2).isEqualTo(myCache.getFromCache(2L));
|
||||
assertThat(acl2).isEqualTo(myCache.getFromCache(identity2));
|
||||
|
||||
myCache.evictFromCache(identity2);
|
||||
assertThat(realCache).isEmpty();
|
||||
}
|
||||
@@ -129,31 +120,24 @@ public class SpringCacheBasedAclCacheTests {
|
||||
public void cacheOperationsAclWithParent() throws Exception {
|
||||
Cache cache = getCache();
|
||||
Map realCache = (Map) cache.getNativeCache();
|
||||
|
||||
Authentication auth = new TestingAuthenticationToken("user", "password", "ROLE_GENERAL");
|
||||
auth.setAuthenticated(true);
|
||||
SecurityContextHolder.getContext().setAuthentication(auth);
|
||||
|
||||
ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, 1L);
|
||||
ObjectIdentity identityParent = new ObjectIdentityImpl(TARGET_CLASS, 2L);
|
||||
AclAuthorizationStrategy aclAuthorizationStrategy = new AclAuthorizationStrategyImpl(
|
||||
new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"),
|
||||
new SimpleGrantedAuthority("ROLE_GENERAL"));
|
||||
AuditLogger auditLogger = new ConsoleAuditLogger();
|
||||
|
||||
PermissionGrantingStrategy permissionGrantingStrategy = new DefaultPermissionGrantingStrategy(auditLogger);
|
||||
SpringCacheBasedAclCache myCache = new SpringCacheBasedAclCache(cache, permissionGrantingStrategy,
|
||||
aclAuthorizationStrategy);
|
||||
|
||||
MutableAcl acl = new AclImpl(identity, 1L, aclAuthorizationStrategy, auditLogger);
|
||||
MutableAcl parentAcl = new AclImpl(identityParent, 2L, aclAuthorizationStrategy, auditLogger);
|
||||
|
||||
acl.setParent(parentAcl);
|
||||
|
||||
assertThat(realCache).isEmpty();
|
||||
myCache.putInCache(acl);
|
||||
assertThat(4).isEqualTo(realCache.size());
|
||||
|
||||
// Check we can get from cache the same objects we put in
|
||||
AclImpl aclFromCache = (AclImpl) myCache.getFromCache(1L);
|
||||
assertThat(aclFromCache).isEqualTo(acl);
|
||||
|
||||
@@ -50,16 +50,13 @@ public class SidRetrievalStrategyTests {
|
||||
public void correctSidsAreRetrieved() {
|
||||
SidRetrievalStrategy retrStrategy = new SidRetrievalStrategyImpl();
|
||||
List<Sid> sids = retrStrategy.getSids(this.authentication);
|
||||
|
||||
assertThat(sids).isNotNull();
|
||||
assertThat(sids).hasSize(4);
|
||||
assertThat(sids.get(0)).isNotNull();
|
||||
assertThat(sids.get(0) instanceof PrincipalSid).isTrue();
|
||||
|
||||
for (int i = 1; i < sids.size(); i++) {
|
||||
assertThat(sids.get(i) instanceof GrantedAuthoritySid).isTrue();
|
||||
}
|
||||
|
||||
assertThat(((PrincipalSid) sids.get(0)).getPrincipal()).isEqualTo("scott");
|
||||
assertThat(((GrantedAuthoritySid) sids.get(1)).getGrantedAuthority()).isEqualTo("A");
|
||||
assertThat(((GrantedAuthoritySid) sids.get(2)).getGrantedAuthority()).isEqualTo("B");
|
||||
@@ -72,7 +69,6 @@ public class SidRetrievalStrategyTests {
|
||||
List rhAuthorities = AuthorityUtils.createAuthorityList("D");
|
||||
given(rh.getReachableGrantedAuthorities(anyCollection())).willReturn(rhAuthorities);
|
||||
SidRetrievalStrategy strat = new SidRetrievalStrategyImpl(rh);
|
||||
|
||||
List<Sid> sids = strat.getSids(this.authentication);
|
||||
assertThat(sids).hasSize(2);
|
||||
assertThat(sids.get(0)).isNotNull();
|
||||
|
||||
@@ -46,17 +46,14 @@ public class SidTests {
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
}
|
||||
|
||||
try {
|
||||
new PrincipalSid("");
|
||||
fail("It should have thrown IllegalArgumentException");
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
}
|
||||
|
||||
new PrincipalSid("johndoe");
|
||||
// throws no exception
|
||||
|
||||
// Check one Authentication-argument constructor
|
||||
try {
|
||||
Authentication authentication = null;
|
||||
@@ -65,7 +62,6 @@ public class SidTests {
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
}
|
||||
|
||||
try {
|
||||
Authentication authentication = new TestingAuthenticationToken(null, "password");
|
||||
new PrincipalSid(authentication);
|
||||
@@ -73,7 +69,6 @@ public class SidTests {
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
}
|
||||
|
||||
Authentication authentication = new TestingAuthenticationToken("johndoe", "password");
|
||||
new PrincipalSid(authentication);
|
||||
// throws no exception
|
||||
@@ -88,25 +83,19 @@ public class SidTests {
|
||||
fail("It should have thrown IllegalArgumentException");
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
|
||||
}
|
||||
|
||||
try {
|
||||
new GrantedAuthoritySid("");
|
||||
fail("It should have thrown IllegalArgumentException");
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
|
||||
}
|
||||
|
||||
try {
|
||||
new GrantedAuthoritySid("ROLE_TEST");
|
||||
|
||||
}
|
||||
catch (IllegalArgumentException notExpected) {
|
||||
fail("It shouldn't have thrown IllegalArgumentException");
|
||||
}
|
||||
|
||||
// Check one GrantedAuthority-argument constructor
|
||||
try {
|
||||
GrantedAuthority ga = null;
|
||||
@@ -114,22 +103,17 @@ public class SidTests {
|
||||
fail("It should have thrown IllegalArgumentException");
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
|
||||
}
|
||||
|
||||
try {
|
||||
GrantedAuthority ga = new SimpleGrantedAuthority(null);
|
||||
new GrantedAuthoritySid(ga);
|
||||
fail("It should have thrown IllegalArgumentException");
|
||||
}
|
||||
catch (IllegalArgumentException expected) {
|
||||
|
||||
}
|
||||
|
||||
try {
|
||||
GrantedAuthority ga = new SimpleGrantedAuthority("ROLE_TEST");
|
||||
new GrantedAuthoritySid(ga);
|
||||
|
||||
}
|
||||
catch (IllegalArgumentException notExpected) {
|
||||
fail("It shouldn't have thrown IllegalArgumentException");
|
||||
@@ -140,7 +124,6 @@ public class SidTests {
|
||||
public void testPrincipalSidEquals() {
|
||||
Authentication authentication = new TestingAuthenticationToken("johndoe", "password");
|
||||
Sid principalSid = new PrincipalSid(authentication);
|
||||
|
||||
assertThat(principalSid.equals(null)).isFalse();
|
||||
assertThat(principalSid.equals("DIFFERENT_TYPE_OBJECT")).isFalse();
|
||||
assertThat(principalSid.equals(principalSid)).isTrue();
|
||||
@@ -155,7 +138,6 @@ public class SidTests {
|
||||
public void testGrantedAuthoritySidEquals() {
|
||||
GrantedAuthority ga = new SimpleGrantedAuthority("ROLE_TEST");
|
||||
Sid gaSid = new GrantedAuthoritySid(ga);
|
||||
|
||||
assertThat(gaSid.equals(null)).isFalse();
|
||||
assertThat(gaSid.equals("DIFFERENT_TYPE_OBJECT")).isFalse();
|
||||
assertThat(gaSid.equals(gaSid)).isTrue();
|
||||
@@ -170,7 +152,6 @@ public class SidTests {
|
||||
public void testPrincipalSidHashCode() {
|
||||
Authentication authentication = new TestingAuthenticationToken("johndoe", "password");
|
||||
Sid principalSid = new PrincipalSid(authentication);
|
||||
|
||||
assertThat(principalSid.hashCode()).isEqualTo("johndoe".hashCode());
|
||||
assertThat(principalSid.hashCode()).isEqualTo(new PrincipalSid("johndoe").hashCode());
|
||||
assertThat(principalSid.hashCode()).isNotEqualTo(new PrincipalSid("scott").hashCode());
|
||||
@@ -182,7 +163,6 @@ public class SidTests {
|
||||
public void testGrantedAuthoritySidHashCode() {
|
||||
GrantedAuthority ga = new SimpleGrantedAuthority("ROLE_TEST");
|
||||
Sid gaSid = new GrantedAuthoritySid(ga);
|
||||
|
||||
assertThat(gaSid.hashCode()).isEqualTo("ROLE_TEST".hashCode());
|
||||
assertThat(gaSid.hashCode()).isEqualTo(new GrantedAuthoritySid("ROLE_TEST").hashCode());
|
||||
assertThat(gaSid.hashCode()).isNotEqualTo(new GrantedAuthoritySid("ROLE_TEST_2").hashCode());
|
||||
@@ -196,10 +176,8 @@ public class SidTests {
|
||||
PrincipalSid principalSid = new PrincipalSid(authentication);
|
||||
GrantedAuthority ga = new SimpleGrantedAuthority("ROLE_TEST");
|
||||
GrantedAuthoritySid gaSid = new GrantedAuthoritySid(ga);
|
||||
|
||||
assertThat("johndoe".equals(principalSid.getPrincipal())).isTrue();
|
||||
assertThat("scott".equals(principalSid.getPrincipal())).isFalse();
|
||||
|
||||
assertThat("ROLE_TEST".equals(gaSid.getGrantedAuthority())).isTrue();
|
||||
assertThat("ROLE_TEST2".equals(gaSid.getGrantedAuthority())).isFalse();
|
||||
}
|
||||
@@ -209,7 +187,6 @@ public class SidTests {
|
||||
User user = new User("user", "password", Collections.singletonList(new SimpleGrantedAuthority("ROLE_TEST")));
|
||||
Authentication authentication = new TestingAuthenticationToken(user, "password");
|
||||
PrincipalSid principalSid = new PrincipalSid(authentication);
|
||||
|
||||
assertThat("user").isEqualTo(principalSid.getPrincipal());
|
||||
}
|
||||
|
||||
@@ -217,7 +194,6 @@ public class SidTests {
|
||||
public void getPrincipalWhenPrincipalNotInstanceOfUserDetailsThenReturnsPrincipalName() {
|
||||
Authentication authentication = new TestingAuthenticationToken("token", "password");
|
||||
PrincipalSid principalSid = new PrincipalSid(authentication);
|
||||
|
||||
assertThat("token").isEqualTo(principalSid.getPrincipal());
|
||||
}
|
||||
|
||||
@@ -225,7 +201,6 @@ public class SidTests {
|
||||
public void getPrincipalWhenCustomAuthenticationPrincipalThenReturnsPrincipalName() {
|
||||
Authentication authentication = new CustomAuthenticationToken(new CustomToken("token"), null);
|
||||
PrincipalSid principalSid = new PrincipalSid(authentication);
|
||||
|
||||
assertThat("token").isEqualTo(principalSid.getPrincipal());
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user