Package org.drools.repository.security

Source Code of org.drools.repository.security.AccessControlTest

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
package org.drools.repository.security;

import junit.framework.TestCase;

import org.apache.jackrabbit.core.NodeId;
import org.apache.jackrabbit.core.security.AccessManager;
import org.drools.repository.AssetItem;
import org.drools.repository.PackageItem;
import org.drools.repository.RepositorySessionUtil;
import org.drools.repository.RulesRepository;
import org.jboss.security.identity.plugins.IdentityFactory;

public class AccessControlTest extends TestCase {

  
    public void testSecurityACL() throws Exception {

        DroolsRepositoryACLManager droolssercurity = new DroolsRepositoryACLManager( IdentityFactory.createIdentity( "group1" ) );

        RulesRepository repo = RepositorySessionUtil.getRepository();

        repo.loadDefaultPackage().addAsset( "testsecurityASSET1",
                                            "X" );
        repo.loadDefaultPackage().addAsset( "testsecurityASSET2",
                                            "X" );
        AssetItem item = RepositorySessionUtil.getRepository().loadDefaultPackage().loadAsset( "testsecurityASSET1" );

        droolssercurity.setPermission( item.getUUID(),
                                       AccessManager.READ );

        assertTrue( droolssercurity.checkPermission( NodeId.valueOf( item.getUUID() ),
                                                     AccessManager.READ ) );
        assertFalse( droolssercurity.checkPermission( NodeId.valueOf( item.getUUID() ),
                                                      AccessManager.WRITE ) );
        assertFalse( droolssercurity.checkPermission( NodeId.valueOf( item.getUUID() ),
                                                      AccessManager.REMOVE ) );

        item = RepositorySessionUtil.getRepository().loadDefaultPackage().loadAsset( "testsecurityASSET2" );
        droolssercurity.setPermission( item.getUUID(),
                                       AccessManager.READ + AccessManager.WRITE );

        assertTrue( droolssercurity.checkPermission( NodeId.valueOf( item.getUUID() ),
                                                     AccessManager.READ + AccessManager.WRITE ) );
        assertTrue( droolssercurity.checkPermission( NodeId.valueOf( item.getUUID() ),
                                                     AccessManager.READ ) );
        assertTrue( droolssercurity.checkPermission( NodeId.valueOf( item.getUUID() ),
                                                     AccessManager.WRITE ) );
        assertFalse( droolssercurity.checkPermission( NodeId.valueOf( item.getUUID() ),
                                                      AccessManager.REMOVE ) );

    }

    public void testSecurityACLMultiUsers() throws Exception {

        DroolsRepositoryACLManager droolssercurity1 = new DroolsRepositoryACLManager( IdentityFactory.createIdentity( "group1" ) );
        DroolsRepositoryACLManager droolssercurity2 = new DroolsRepositoryACLManager( IdentityFactory.createIdentity( "group2" ) );

        RulesRepository repo = RepositorySessionUtil.getRepository();

        repo.loadDefaultPackage().addAsset( "testsecurityASSET3",
                                            "X" );

        AssetItem item = RepositorySessionUtil.getRepository().loadDefaultPackage().loadAsset( "testsecurityASSET3" );

        droolssercurity2.setPermission( item.getUUID(),
                                        AccessManager.READ );

        assertFalse( droolssercurity1.checkPermission( NodeId.valueOf( item.getUUID() ),
                                                       AccessManager.READ ) );
        assertFalse( droolssercurity1.checkPermission( NodeId.valueOf( item.getUUID() ),
                                                       AccessManager.WRITE ) );
        assertFalse( droolssercurity1.checkPermission( NodeId.valueOf( item.getUUID() ),
                                                       AccessManager.REMOVE ) );

        assertTrue( droolssercurity2.checkPermission( NodeId.valueOf( item.getUUID() ),
                                                      AccessManager.READ ) );
        assertFalse( droolssercurity2.checkPermission( NodeId.valueOf( item.getUUID() ),
                                                       AccessManager.WRITE ) );
        assertFalse( droolssercurity2.checkPermission( NodeId.valueOf( item.getUUID() ),
                                                       AccessManager.REMOVE ) );

    }
   
   
    public void FIXME_testSecurityACLDeepPermission() throws Exception {

        DroolsRepositoryACLManager droolssercurity1 = new DroolsRepositoryACLManager( IdentityFactory.createIdentity( "group1" ) );
        DroolsRepositoryACLManager droolssercurity2 = new DroolsRepositoryACLManager( IdentityFactory.createIdentity( "group2" ) );

        RulesRepository repo = RepositorySessionUtil.getRepository();
       
       
        PackageItem packageitem = repo.createPackage( "testPackageSecurity", "lalalala" );
       
        AssetItem item = packageitem.addAsset( "testsecurityASSET3",
        "X" );


        droolssercurity2.setPermission( item.getUUID(),
                                        AccessManager.WRITE );
       

        assertFalse( droolssercurity1.checkPermission( NodeId.valueOf( item.getUUID() ),
                                                       AccessManager.READ ) );
        assertTrue( droolssercurity1.checkPermission( NodeId.valueOf( item.getUUID() ),
                                                       AccessManager.WRITE ) );
        assertFalse( droolssercurity1.checkPermission( NodeId.valueOf( item.getUUID() ),
                                                       AccessManager.REMOVE ) );
    }

}
TOP

Related Classes of org.drools.repository.security.AccessControlTest

  • org.drools.repository.AssetItem
  • org.drools.repository.PackageItem
  • org.drools.repository.RulesRepository
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.