@Test
public void test() {
Assert.assertEquals(
Permission.GRANTED, policy.getPermission(user, "edit", new ContentPage(), context));
Assert.assertEquals(Permission.DENIED, policy.getPermission(user, "edit", new Site(), context));
Assert.assertEquals(
Permission.DENIED, policy.getPermission(user, "delete", new Site(), context));
Assert.assertEquals(
Permission.GRANTED, policy.getPermission(user, "delete", new ContentPage(), context));
}
private void doTest(
String json, HashSet<String> userRoles, String verb, String path, boolean shouldSucceed) {
AuthorizationPolicy policy = new AuthorizationPolicy();
Object config = policy.parseConfiguration(json);
ApiRequest request = new ApiRequest();
request.setType(verb);
request.setDestination(path);
IPolicyContext context = Mockito.mock(IPolicyContext.class);
IPolicyChain<ApiRequest> chain = Mockito.mock(IPolicyChain.class);
Mockito.when(
context.getAttribute(
AuthorizationPolicy.AUTHENTICATED_USER_ROLES, (HashSet<String>) null))
.thenReturn(userRoles);
final PolicyFailure failure = new PolicyFailure();
Mockito.when(context.getComponent(IPolicyFailureFactoryComponent.class))
.thenReturn(
new IPolicyFailureFactoryComponent() {
@Override
public PolicyFailure createFailure(
PolicyFailureType type, int failureCode, String message) {
failure.setFailureCode(failureCode);
failure.setType(type);
failure.setMessage(message);
return failure;
}
});
// Success
policy.apply(request, context, config, chain);
if (shouldSucceed) {
Mockito.verify(chain).doApply(request);
} else {
Mockito.verify(chain).doFailure(failure);
}
}
