public void testUpdatePersistentAuthorization() {
TestResource resource1 = new TestResource("resource1", 100);
TestResource resource2 = new TestResource("resource1", 101);
Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
authorization.setUserId("aUserId");
authorization.setResource(resource1);
authorization.setResourceId("aResourceId");
authorization.addPermission(ACCESS);
// save the authorization
authorizationService.saveAuthorization(authorization);
// validate authorization
Authorization savedAuthorization =
authorizationService.createAuthorizationQuery().singleResult();
assertEquals("aUserId", savedAuthorization.getUserId());
assertEquals(resource1.resourceType(), savedAuthorization.getResourceType());
assertEquals("aResourceId", savedAuthorization.getResourceId());
assertTrue(savedAuthorization.hasPermission(ACCESS));
// update authorization
savedAuthorization.setUserId("anotherUserId");
savedAuthorization.setResource(resource2);
savedAuthorization.setResourceId("anotherResourceId");
savedAuthorization.addPermission(DELETE);
authorizationService.saveAuthorization(savedAuthorization);
// validate authorization updated
savedAuthorization = authorizationService.createAuthorizationQuery().singleResult();
assertEquals("anotherUserId", savedAuthorization.getUserId());
assertEquals(resource2.resourceType(), savedAuthorization.getResourceType());
assertEquals("anotherResourceId", savedAuthorization.getResourceId());
assertTrue(savedAuthorization.hasPermission(ACCESS));
assertTrue(savedAuthorization.hasPermission(DELETE));
}
public void testPermissions() {
Authorization authorization = authorizationService.createNewAuthorization(AUTH_TYPE_GRANT);
assertEquals(0, authorization.getPermissions());
assertFalse(authorization.hasPermission(ACCESS));
assertFalse(authorization.hasPermission(DELETE));
assertFalse(authorization.hasPermission(READ));
assertFalse(authorization.hasPermission(UPDATE));
authorization.addPermission(ACCESS);
assertTrue(authorization.hasPermission(ACCESS));
assertFalse(authorization.hasPermission(DELETE));
assertFalse(authorization.hasPermission(READ));
assertFalse(authorization.hasPermission(UPDATE));
authorization.addPermission(DELETE);
assertTrue(authorization.hasPermission(ACCESS));
assertTrue(authorization.hasPermission(DELETE));
assertFalse(authorization.hasPermission(READ));
assertFalse(authorization.hasPermission(UPDATE));
authorization.addPermission(READ);
assertTrue(authorization.hasPermission(ACCESS));
assertTrue(authorization.hasPermission(DELETE));
assertTrue(authorization.hasPermission(READ));
assertFalse(authorization.hasPermission(UPDATE));
authorization.addPermission(UPDATE);
assertTrue(authorization.hasPermission(ACCESS));
assertTrue(authorization.hasPermission(DELETE));
assertTrue(authorization.hasPermission(READ));
assertTrue(authorization.hasPermission(UPDATE));
authorization.removePermission(ACCESS);
assertFalse(authorization.hasPermission(ACCESS));
assertTrue(authorization.hasPermission(DELETE));
assertTrue(authorization.hasPermission(READ));
assertTrue(authorization.hasPermission(UPDATE));
authorization.removePermission(DELETE);
assertFalse(authorization.hasPermission(ACCESS));
assertFalse(authorization.hasPermission(DELETE));
assertTrue(authorization.hasPermission(READ));
assertTrue(authorization.hasPermission(UPDATE));
authorization.removePermission(READ);
assertFalse(authorization.hasPermission(ACCESS));
assertFalse(authorization.hasPermission(DELETE));
assertFalse(authorization.hasPermission(READ));
assertTrue(authorization.hasPermission(UPDATE));
authorization.removePermission(UPDATE);
assertFalse(authorization.hasPermission(ACCESS));
assertFalse(authorization.hasPermission(DELETE));
assertFalse(authorization.hasPermission(READ));
assertFalse(authorization.hasPermission(UPDATE));
}