예제 #1
0
  public void testEvaluateCombinativePermissionCollection() throws Throwable {
    PermissionUtils.setCachesEnabled(true);
    PermissionUtils.createCaches();

    Subject subject = new Subject();

    JGuardCredential nameA = new JGuardCredential(NAME, USER_A);
    JGuardCredential nameB = new JGuardCredential(NAME, USER_B);
    JGuardCredential companyA = new JGuardCredential(COMPANY, COMPANY_A);
    JGuardCredential companyB = new JGuardCredential(COMPANY, COMPANY_B);
    JGuardCredential age = new JGuardCredential(AGE, DUMMY_AGE);

    subject.getPublicCredentials().add(nameA);
    subject.getPublicCredentials().add(nameB);
    subject.getPublicCredentials().add(companyA);
    subject.getPublicCredentials().add(companyB);
    subject.getPublicCredentials().add(age);

    if (logger.isDebugEnabled()) {
      logger.debug("---- logging subject ----");
      logger.debug(subject.toString());
    }

    UserPrincipal userPrincipal = new UserPrincipal(subject);

    ProtectionDomain protectionDomain =
        new ProtectionDomain(null, new Permissions(), null, new Principal[] {userPrincipal});

    PermissionCollection pc = new Permissions();
    Permission p1 = new FilePermission("file://home", "read");
    Permission p2 =
        new FilePermission("file://home/user/${subject.publicCredentials.name}", "read");
    Permission p3 =
        new FilePermission("file://home/user/${subject.publicCredentials.company}", "read");
    Permission p4 =
        new FilePermission(
            "file://home/user/${subject.publicCredentials.name}/"
                + "${subject.publicCredentials.company}/${subject.publicCredentials.age}",
            "read");
    Permission p5 =
        new FilePermission(
            "file://home/user/${subject.publicCredentials.company}/${subject.publicCredentials.company}",
            "read");
    Permission p6 =
        new URLPermission(
            "index",
            "http://www.website.com/index.html?name=${subject.publicCredentials.name}&company=${subject.publicCredentials.company}&age=${subject.publicCredentials.age}");

    pc.add(p1);
    pc.add(p2);
    pc.add(p3);
    pc.add(p4);
    pc.add(p5);
    pc.add(p6);

    if (logger.isDebugEnabled()) {
      logger.debug("---- logging unresolved permissions ----");
      Enumeration unresolvedPermEnum = pc.elements();
      while (unresolvedPermEnum.hasMoreElements()) {
        logger.debug(unresolvedPermEnum.nextElement().toString());
      }
    }

    PermissionCollection expectedPc = new Permissions();
    Permission expectedP1 = new FilePermission("file://home", "read");
    Permission expectedP2a = new FilePermission("file://home/user/userA", "read");
    Permission expectedP2b = new FilePermission("file://home/user/userB", "read");
    Permission expectedP3a = new FilePermission("file://home/user/companyA", "read");
    Permission expectedP3b = new FilePermission("file://home/user/companyB", "read");
    Permission expectedP4a = new FilePermission("file://home/user/userA/companyA/100", "read");
    Permission expectedP4b = new FilePermission("file://home/user/userA/companyB/100", "read");
    Permission expectedP4c = new FilePermission("file://home/user/userB/companyA/100", "read");
    Permission expectedP4d = new FilePermission("file://home/user/userB/companyB/100", "read");
    Permission expectedP5a = new FilePermission("file://home/user/companyA/companyA", "read");
    Permission expectedP5b = new FilePermission("file://home/user/companyA/companyB", "read");
    Permission expectedP5c = new FilePermission("file://home/user/companyB/companyA", "read");
    Permission expectedP5d = new FilePermission("file://home/user/companyB/companyB", "read");
    Permission expectedP6a =
        new URLPermission(
            "index", "http://www.website.com/index.html?name=userA&company=companyA&age=100");
    Permission expectedP6b =
        new URLPermission(
            "index", "http://www.website.com/index.html?name=userA&company=companyB&age=100");
    Permission expectedP6c =
        new URLPermission(
            "index", "http://www.website.com/index.html?name=userB&company=companyA&age=100");
    Permission expectedP6d =
        new URLPermission(
            "index", "http://www.website.com/index.html?name=userB&company=companyB&age=100");

    expectedPc.add(expectedP1);
    expectedPc.add(expectedP2a);
    expectedPc.add(expectedP2b);
    expectedPc.add(expectedP3a);
    expectedPc.add(expectedP3b);
    expectedPc.add(expectedP4a);
    expectedPc.add(expectedP4b);
    expectedPc.add(expectedP4c);
    expectedPc.add(expectedP4d);
    expectedPc.add(expectedP5a);
    expectedPc.add(expectedP5b);
    expectedPc.add(expectedP5c);
    expectedPc.add(expectedP5d);
    expectedPc.add(expectedP6a);
    expectedPc.add(expectedP6b);
    expectedPc.add(expectedP6c);
    expectedPc.add(expectedP6d);

    // getting resolved permissions
    PermissionCollection resolvedPc =
        PrincipalUtils.evaluatePermissionCollection(protectionDomain, pc);

    if (logger.isDebugEnabled()) {
      logger.debug("---- logging expected permissions ----");
      Enumeration expectedPermEnum = expectedPc.elements();
      while (expectedPermEnum.hasMoreElements()) {
        logger.debug(expectedPermEnum.nextElement().toString());
      }

      logger.debug("---- logging resolved permissions ----");
    }

    int collectionSize = 0;
    Enumeration permEnum = resolvedPc.elements();
    while (permEnum.hasMoreElements()) {
      Permission resolvedPerm = (Permission) permEnum.nextElement();
      logger.debug("verify implies for " + resolvedPerm.toString());
      System.out.println("verify implies for " + resolvedPerm.toString());
      assertTrue(expectedPc.implies(resolvedPerm));
      collectionSize++;
    }
    assertEquals(17, collectionSize);
    System.out.println("END EVALUATE COMBINATIVE PERMISSION TEST");
  }
예제 #2
0
  public void testEvaluatePermissionCollection() throws Throwable {
    PermissionUtils.setCachesEnabled(true);
    PermissionUtils.createCaches();

    Subject subjectA = new Subject();

    JGuardCredential nameA = new JGuardCredential(NAME, USER_A);
    JGuardCredential companyA = new JGuardCredential(COMPANY, COMPANY_A);

    subjectA.getPublicCredentials().add(nameA);
    subjectA.getPublicCredentials().add(companyA);

    if (logger.isDebugEnabled()) {
      logger.debug("---- logging subject ----");
      logger.debug(subjectA.toString());
    }

    UserPrincipal userPrincipal = new UserPrincipal(subjectA);

    ProtectionDomain protectionDomain =
        new ProtectionDomain(null, new Permissions(), null, new Principal[] {userPrincipal});

    PermissionCollection pc = new Permissions();
    Permission p1 = new FilePermission("file://home", "read");
    Permission p2 =
        new FilePermission("file://home/user/${subject.publicCredentials.name}", "read");
    Permission p3 =
        new FilePermission("file://home/user/${subject.publicCredentials.company}", "read");
    Permission p4 =
        new FilePermission(
            "file://home/user/${subject.publicCredentials.name}/"
                + "${subject.publicCredentials.company}/${subject.publicCredentials.name}/"
                + "${subject.publicCredentials.name}/${subject.publicCredentials.company}",
            "read");
    Permission p5 = new FilePermission("file://home/user/${subject.publicCredentials.age}", "read");
    Permission p6 =
        new URLPermission(
            "index", "http://www.website.com/index.html?name=${subject.publicCredentials.name}");
    Permission p7 =
        new URLPermission(
            "index2", "http://www.web�site.com/index.html?name=${subject.publicCredentials.name}");

    pc.add(p1);
    pc.add(p2);
    pc.add(p3);
    pc.add(p4);
    pc.add(p5);
    pc.add(p6);
    pc.add(p7);

    if (logger.isDebugEnabled()) {
      logger.debug("---- logging unresolved permissions ----");
      Enumeration unresolvedPermEnum = pc.elements();
      while (unresolvedPermEnum.hasMoreElements()) {
        logger.debug(unresolvedPermEnum.nextElement().toString());
      }
    }

    PermissionCollection expectedPc = new Permissions();
    Permission expectedP1 = new FilePermission("file://home", "read");
    Permission expectedP2 = new FilePermission("file://home/user/userA", "read");
    Permission expectedP3 = new FilePermission("file://home/user/companyA", "read");
    Permission expectedP4 =
        new FilePermission("file://home/user/userA/companyA/userA/userA/companyA", "read");
    Permission expectedP6 =
        new URLPermission("index", "http://www.website.com/index.html?name=userA");
    Permission expectedP7 =
        new URLPermission("index2", "http://www.web�site.com/index.html?name=userA");

    expectedPc.add(expectedP1);
    expectedPc.add(expectedP2);
    expectedPc.add(expectedP3);
    expectedPc.add(expectedP4);
    expectedPc.add(expectedP6);
    expectedPc.add(expectedP7);

    // getting resolved permissions
    PermissionCollection resolvedPc =
        PrincipalUtils.evaluatePermissionCollection(protectionDomain, pc);

    if (logger.isDebugEnabled()) {
      logger.debug("---- logging expected permissions ----");
      Enumeration expectedPermEnum = expectedPc.elements();
      while (expectedPermEnum.hasMoreElements()) {
        logger.debug(expectedPermEnum.nextElement().toString());
      }

      logger.debug("---- logging resolved permissions ----");
    }

    int collectionSize = 0;
    Enumeration permEnum = resolvedPc.elements();
    while (permEnum.hasMoreElements()) {
      Permission resolvedPerm = (Permission) permEnum.nextElement();
      logger.debug("verify implies for " + resolvedPerm.toString());
      System.out.println("verify implies for " + resolvedPerm.toString());
      assertTrue(expectedPc.implies(resolvedPerm));
      collectionSize++;
    }
    assertEquals(6, collectionSize);
    System.out.println("END EVALUATE PERMISSION TEST");
  }