public void doAuthorizationStuff() throws Exception {
    AuthorizationManager authMan = realm.getAuthorizationManager();
    UserStoreManager usWriter = realm.getUserStoreManager();

    usWriter.addRole("rolex", new String[] {"saman", "amara"}, null);
    usWriter.addRole("roley", null, null);
    authMan.authorizeRole("rolex", "wall", "write");
    authMan.authorizeRole("roley", "table", "write");
    authMan.authorizeUser("sunil", "wall", "read");

    assertTrue(authMan.isUserAuthorized("saman", "wall", "write"));
    assertTrue(authMan.isUserAuthorized("sunil", "wall", "read"));
    assertTrue(authMan.isRoleAuthorized("roley", "table", "write"));
    assertFalse(authMan.isUserAuthorized("saman", "wall", "read"));
    assertFalse(authMan.isUserAuthorized("sunil", "wall", "write"));

    authMan.clearUserAuthorization("sunil", "wall", "read");
    authMan.clearRoleAuthorization("roley", "table", "write");
    authMan.clearResourceAuthorizations("wall");

    assertFalse(authMan.isUserAuthorized("saman", "wall", "write"));
    assertFalse(authMan.isUserAuthorized("sunil", "wall", "read"));
    assertFalse(authMan.isRoleAuthorized("roley", "table", "write"));
  }
Ejemplo n.º 2
0
  public void doAuthorizationStuff() throws Exception {
    AuthorizationManager authMan = realm.getAuthorizationManager();
    UserStoreManager usWriter = realm.getUserStoreManager();

    usWriter.addRole("rolex", new String[] {"saman", "amara"}, null);
    usWriter.addRole("roley", null, null);
    authMan.authorizeRole("rolex", "wall", "write");
    authMan.authorizeRole("roley", "table", "write");

    try {
      authMan.authorizeRole(null, "wall", "write");
      fail("Exception at authorizing a role with Null role");
    } catch (Exception e) {
      // exptected error in negative testing
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }
    try {
      authMan.authorizeRole("rollee", null, "write");
      fail("Exception at authorizing a role with Null resourceID");
    } catch (Exception e) {
      // exptected error in negative testing
    }
    try {
      authMan.authorizeRole("rollee", "wall", null);
      fail("Exception at authorizing a role with Null action");
    } catch (Exception e) {
      // exptected error in negative testing
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }
    try {
      authMan.authorizeRole("rolleex", "wall", "run");
      fail("Exception at authorizing a role with Invalid action");
    } catch (Exception e) {
      // exptected error in negative testing
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }

    // ***authorize user
    authMan.authorizeUser("sunil", "wall", "read");
    try {
      authMan.authorizeUser(null, "wall", "read");
      fail("Exception at authorizing a user with Null name");
    } catch (Exception e) {
      // exptected error in negative testing
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }
    try {
      authMan.authorizeUser("isuru", null, "read");
      fail("Exception at authorizing a user with Null resourceID");
    } catch (Exception e) {
      // exptected error in negative testing
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }
    try {
      authMan.authorizeUser("isuru", "wall", null);
      fail("Exception at authorizing a user with Null action");
    } catch (Exception e) {
      // exptected error in negative testing
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }
    try {
      authMan.authorizeUser("isuru", "wall", "run");
      fail("Exception at authorizing a user with Invalid action");
    } catch (Exception e) {
      // exptected error in negative testing
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }

    assertTrue(authMan.isUserAuthorized("saman", "wall", "write"));
    assertTrue(authMan.isUserAuthorized("sunil", "wall", "read"));
    assertTrue(authMan.isRoleAuthorized("primary/roley", "table", "write"));
    assertFalse(authMan.isRoleAuthorized("roley", "chair", "write"));
    assertFalse(authMan.isUserAuthorized("saman", "wall", "read"));
    assertFalse(authMan.isUserAuthorized("sunil", "wall", "write"));
    assertFalse(authMan.isUserAuthorized("isuru", "wall", "write"));
    try {
      boolean b = authMan.isUserAuthorized("isuru", "wall", "run");
      fail("Exception at check authorization of a user with Invalid action");
    } catch (Exception e) {
      // exptected error in negative testing
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }

    String[] AllowedRolesForResource = authMan.getAllowedRolesForResource("wall", "write");
    assertEquals(1, AllowedRolesForResource.length);
    // assertEquals(2,authMan.getAllowedUsersForResource("wall", "write").length);
    // String[] AllowedUsersForResource = authMan.getAllowedUsersForResource("wall", "read");
    // assertEquals(1, AllowedUsersForResource.length);

    authMan.clearUserAuthorization("sunil", "wall", "read");
    try {
      authMan.clearUserAuthorization("isuru", "wall", "run");
      fail("Exception at clear user authorization");
    } catch (Exception e) {
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }
    try {
      authMan.clearUserAuthorization(null, "wall", "run");
      fail("Exception at clear user authorization");
    } catch (Exception e) {
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }
    try {
      authMan.clearUserAuthorization("isuru", null, "run");
      fail("Exception at clear user authorization");
    } catch (Exception e) {
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }
    try {
      authMan.clearUserAuthorization("isuru", "wall", null);
      fail("Exception at clear user authorization");
    } catch (Exception e) {
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }

    authMan.clearRoleAuthorization("roley", "table", "write");
    try {
      authMan.clearRoleAuthorization(null, "table", "write");
      fail("Exception at clear role authorization");
    } catch (Exception e) {
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }
    try {
      authMan.clearRoleAuthorization("roleee", null, "write");
      fail("Exception at clear role authorization");
    } catch (Exception e) {
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }
    try {
      authMan.clearRoleAuthorization("roleee", "table", null);
      fail("Exception at clear role authorization");
    } catch (Exception e) {
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }

    authMan.clearResourceAuthorizations("wall");
    try {
      authMan.clearResourceAuthorizations(null);
      fail("Exception at clear Resource Authorizations");
    } catch (Exception e) {
      if (log.isDebugEnabled()) {
        log.debug("Expected error, hence ignored", e);
      }
    }

    assertFalse(authMan.isUserAuthorized("saman", "wall", "write"));
    assertFalse(authMan.isUserAuthorized("sunil", "wall", "read"));
    assertFalse(authMan.isRoleAuthorized("roley", "table", "write"));
  }