Package org.geomajas.internal.security

Source Code of org.geomajas.internal.security.SecurityContextFeatureFilterTest$FilterAuthorization

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
/*
* This is part of Geomajas, a GIS framework, http://www.geomajas.org/.
*
* Copyright 2008-2011 Geosparc nv, http://www.geosparc.com/, Belgium.
*
* The program is available in open source according to the GNU Affero
* General Public License. All contributions in this program are covered
* by the Geomajas Contributors License Agreement. For full licensing
* details, see LICENSE.txt in the project root.
*/

package org.geomajas.internal.security;

import java.util.ArrayList;
import java.util.List;

import junit.framework.Assert;

import org.geomajas.security.Authentication;
import org.geomajas.security.BaseAuthorization;
import org.geomajas.security.SecurityContext;
import org.geomajas.security.VectorLayerSelectFilterAuthorization;
import org.geomajas.security.allowall.AllowAllAuthorization;
import org.geomajas.service.FilterService;
import org.junit.After;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.opengis.filter.Filter;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.test.annotation.DirtiesContext;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;

/**
* Testing of FeatureFilter combination in the security context.
*
* @author Joachim Van der Auwera
*/
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration(locations = {"/org/geomajas/spring/geomajasContext.xml",
    "/org/geomajas/spring/moreContext.xml"})
public class SecurityContextFeatureFilterTest {

  private static final String SECURITY_SERVICE_ID = "ss";
  private static final String LAYER_ID = "layer";
  private static final String USER_ID = "auth";

  @Autowired
  private FilterService filterService;

  @Autowired
  private SecurityContext securityContext;

  @Autowired
  private org.geomajas.security.SecurityManager securityManager;

  @After
  public void clearSecurityContext() {
    securityManager.clearSecurityContext();
  }

  @Test
  @DirtiesContext // setting SecurityContext
  public void testNoFilters() {
    SecurityContextImpl securityContext = (SecurityContextImpl)this.securityContext;
    List<Authentication> authentications = new ArrayList<Authentication>();
    Authentication auth1 = getAuthentication();
    Authentication auth2 = getAuthentication();
    auth2.setSecurityServiceId("ss2");
    authentications.add(auth1);
    authentications.add(auth2);
    securityContext.setAuthentications("token", authentications);
    Assert.assertNull(securityContext.getFeatureFilter(LAYER_ID));
  }

  @Test
  public void testOneFilter() {
    SecurityContextImpl securityContext = (SecurityContextImpl)this.securityContext;
    List<Authentication> authentications = new ArrayList<Authentication>();
    Authentication auth1 = getAuthentication();
    Authentication auth2 = getFilterAuthentication();
    auth2.setSecurityServiceId("ss2");
    authentications.add(auth1);
    authentications.add(auth2);
    securityContext.setAuthentications("token", authentications);
    Filter filter = securityContext.getFeatureFilter(LAYER_ID);
    Assert.assertNotNull(filter);
    // these tests are (geotools) implementation dependent
    Assert.assertEquals("org.geotools.filter.LikeFilterImpl", filter.getClass().getName());
    Assert.assertEquals("[ name is like bla% ]", filter.toString());
  }

  @Test
  public void testTwoFilters() {
    SecurityContextImpl securityContext = (SecurityContextImpl)this.securityContext;
    List<Authentication> authentications = new ArrayList<Authentication>();
    Authentication auth1 = getFilterAuthentication();
    Authentication auth2 = getFilterAuthentication();
    auth2.setSecurityServiceId("ss2");
    authentications.add(auth1);
    authentications.add(auth2);
    securityContext.setAuthentications("token", authentications);
    Filter filter = securityContext.getFeatureFilter(LAYER_ID);
    Assert.assertNotNull(filter);
    // these tests are (geotools) implementation dependent
    Assert.assertEquals("org.geotools.filter.AndImpl", filter.getClass().getName());
    Assert.assertEquals("[[ name is like bla% ] AND [ name is like bla% ]]", filter.toString());
  }

  private Authentication getAuthentication() {
    Authentication auth = new Authentication();
    auth.setAuthorizations(new BaseAuthorization[]{new AllowAllAuthorization()});
    auth.setSecurityServiceId(SECURITY_SERVICE_ID);
    auth.setUserId(USER_ID);
    return auth;
  }

  private Authentication getFilterAuthentication() {
    Authentication auth = new Authentication();
    auth.setAuthorizations(new BaseAuthorization[]{new FilterAuthorization()});
    auth.setSecurityServiceId(SECURITY_SERVICE_ID);
    auth.setUserId(USER_ID);
    return auth;
  }

  private class FilterAuthorization extends AllowAllAuthorization implements VectorLayerSelectFilterAuthorization {
    public Filter getFeatureFilter(String layerId) {
      return filterService.createLikeFilter("name", "bla%");
    }
  }
}
TOP

Related Classes of org.geomajas.internal.security.SecurityContextFeatureFilterTest$FilterAuthorization

  • org.geomajas.security.allowall.AllowAllAuthorization
  • org.geomajas.security.Authentication
  • org.opengis.filter.Filter
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.