/*
* Copyright (c) 2005-2010, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.user.core.authman;
import org.apache.commons.dbcp.BasicDataSource;
import org.wso2.carbon.user.api.RealmConfiguration;
import org.wso2.carbon.user.core.AuthorizationManager;
import org.wso2.carbon.user.core.BaseTestCase;
import org.wso2.carbon.user.core.ClaimTestUtil;
import org.wso2.carbon.user.core.Permission;
import org.wso2.carbon.user.core.UserCoreTestConstants;
import org.wso2.carbon.user.core.UserRealm;
import org.wso2.carbon.user.core.UserStoreManager;
import org.wso2.carbon.user.core.common.DefaultRealm;
import org.wso2.carbon.user.core.config.TestRealmConfigBuilder;
import org.wso2.carbon.user.core.jdbc.JDBCRealmTest;
import org.wso2.carbon.utils.dbcreator.DatabaseCreator;
import java.io.File;
import java.io.InputStream;
import java.util.HashMap;
import java.util.Map;
public class AdvancedPermissionTreeTest extends BaseTestCase{
private UserRealm realm = null;
private String TEST_URL = "jdbc:h2:target/permTreetest/CARBON_TEST";
public void testStuff() throws Exception{
initRealmStuff();
dorolestuff();
doAuthorizationstuff();
}
public void initRealmStuff() throws Exception{
String dbFolder = "target/permTreetest";
if ((new File(dbFolder)).exists()) {
deleteDir(new File(dbFolder));
}
BasicDataSource ds = new BasicDataSource();
ds.setDriverClassName(UserCoreTestConstants.DB_DRIVER);
ds.setUrl(TEST_URL);
DatabaseCreator creator = new DatabaseCreator(ds);
creator.createRegistryDatabase();
realm = new DefaultRealm();
InputStream inStream = this.getClass().getClassLoader().getResource(JDBCRealmTest.JDBC_TEST_USERMGT_XML).openStream();
RealmConfiguration realmConfig = TestRealmConfigBuilder
.buildRealmConfigWithJDBCConnectionUrl(inStream, TEST_URL);
realm.init(realmConfig, ClaimTestUtil.getClaimTestData(), ClaimTestUtil
.getProfileTestData(),0);
}
public void dorolestuff() throws Exception{
UserStoreManager admin = realm.getUserStoreManager();
Map<String, String> getClaims = new HashMap<String, String>();
getClaims.put(ClaimTestUtil.CLAIM_URI1, "1claim1Value");
getClaims.put(ClaimTestUtil.CLAIM_URI2, "2claim2Value");
Permission[] permisions = new Permission[2];
permisions[0] = new Permission("high security", "read");
permisions[1] = new Permission("low security", "write");
assertEquals("high security",permisions[0].getResourceId());
assertEquals("write",permisions[1].getAction());
admin.addUser("dimuthu", "pass1", null, null, null, false);
admin.addUser("isuru","pass2",null,null,null, false);
admin.addUser("ajith","pass3",null,null,null, false);
admin.addUser("Kalpa","pass4",null,null,null, false);
admin.addUser("Lahiru","pass5",null,null,null, false);
admin.addRole("role1", new String[] { "dimuthu" }, permisions);
admin.addRole("role2", new String[] { "isuru","ajith" }, permisions);
admin.addRole("role3", new String[] { "Kalpa" }, permisions);
admin.addRole("role4", new String[] { "Lahiru" }, permisions);
}
public void doAuthorizationstuff() throws Exception{
AuthorizationManager authMan = realm.getAuthorizationManager();
//Role Authorization
authMan.authorizeRole("role1", "/s", "read");
assertTrue(authMan.isRoleAuthorized("role1", "/s", "read"));
assertTrue(authMan.isRoleAuthorized("role1", "/s/t/u/v", "read"));
assertTrue(authMan.isUserAuthorized("dimuthu","/s", "read"));
assertTrue(authMan.isUserAuthorized("dimuthu","/s/t/u/v", "read"));
authMan.denyRole("role1", "/s/t/u", "read");
assertFalse(authMan.isRoleAuthorized("role1", "/s/t/u", "read"));
assertFalse(authMan.isRoleAuthorized("role1", "s/t/u/v/w", "read"));
assertFalse(authMan.isUserAuthorized("dimuthu","s/t/u/v/w", "read"));
assertTrue(authMan.isRoleAuthorized("role1", "/s/t", "read"));
assertTrue(authMan.isUserAuthorized("dimuthu","/s/t", "read"));
authMan.authorizeRole("role1", "/s/t/u/v/w/x", "read");
assertTrue(authMan.isRoleAuthorized("role1", "/s/t/u/v/w/x/y", "read"));
assertTrue(authMan.isRoleAuthorized("role1", "/s/t", "read"));
assertFalse(authMan.isRoleAuthorized("role1", "/s/t/u/v/w", "read"));
}
}