コード例 #1
0
 private static void fillInSubject(PolicyRule rule) throws Throwable {
   if (rule instanceof UserPolicyRule) {
     User user = ((UserPolicyRule<User>) rule).getSubject();
     User filledInUser = tbclient.getUserByUsername(USER_SERVICE_ROOT, user.getUserName());
     if (filledInUser == null) {
       throw new RuntimeException("Could not find real user for: " + user.getUserName());
     }
     rule.setSubject(filledInUser);
   } else if (rule instanceof GroupPolicyRule) {
     Group group = ((GroupPolicyRule<? extends Group>) rule).getSubject();
     Project filledInProject = getProjectByGroupName(group.getGroupName());
     if (filledInProject != null) {
       rule.setSubject(filledInProject);
     } else {
       Organisation filledInOrg = getOrganisationByGroupName(group.getGroupName());
       if (filledInOrg != null) {
         rule.setSubject(filledInOrg);
       } else {
         throw new RuntimeException(
             "Could not find project or organisation for group name: " + group.getGroupName());
       }
     }
   }
 }
コード例 #2
0
  private static void verifyPolicyRules(Investigation i, List<PolicyRule> testRules)
      throws Throwable {
    List<AccessRights> rights = tbclient.readPolicy(i.getResourceURL());
    List<PolicyRule> rules = new ArrayList<PolicyRule>();
    for (AccessRights right : rights) {
      rules.addAll(right.getRules());
    }

    for (PolicyRule testRule : testRules) {
      PolicyRule matchingRule = null;
      for (PolicyRule rule : rules) {
        fillInSubject(rule);
        IToxBankResource subject = rule.getSubject();
        TestCase.assertNotNull("PolicyRule subject is null", subject.getResourceURL());
        IToxBankResource testSubject = testRule.getSubject();
        if (subject.getResourceURL().equals(testSubject.getResourceURL())) {
          TestCase.assertEquals(
              "Should have same get for " + testSubject.getResourceURL(),
              testRule.allowsGET(),
              rule.allowsGET());
          TestCase.assertEquals(
              "Should have same put for " + testSubject.getResourceURL(),
              testRule.allowsPUT(),
              rule.allowsPUT());
          TestCase.assertEquals(
              "Should have same post for " + testSubject.getResourceURL(),
              testRule.allowsPUT(),
              rule.allowsPOST());
          TestCase.assertEquals(
              "Should have same delete for " + testSubject.getResourceURL(),
              testRule.allowsPUT(),
              rule.allowsDELETE());
          matchingRule = rule;
        }
      }
      if (matchingRule == null) {
        TestCase.fail("Did not have a rule for: " + testRule.getSubject().getResourceURL());
      } else {
        rules.remove(matchingRule);
      }
    }

    if (rules.size() > 0) {
      StringBuilder sb = new StringBuilder();
      for (PolicyRule rule : rules) {
        sb.append(rule.getSubject().getResourceURL());
        sb.append("\n");
      }
      TestCase.fail("Had extraneous rules: " + rules.size() + "\n  " + sb.toString());
    }
  }