2 changed files with 188 additions and 2 deletions
@ -0,0 +1,182 @@
@@ -0,0 +1,182 @@
|
||||
package org.springframework.security.acls.jdbc; |
||||
|
||||
import java.util.Map; |
||||
|
||||
import junit.framework.Assert; |
||||
import junit.framework.TestCase; |
||||
|
||||
import org.springframework.context.support.AbstractXmlApplicationContext; |
||||
import org.springframework.context.support.ClassPathXmlApplicationContext; |
||||
import org.springframework.jdbc.core.JdbcTemplate; |
||||
import org.springframework.security.acls.AuditableAccessControlEntry; |
||||
import org.springframework.security.acls.MutableAcl; |
||||
import org.springframework.security.acls.domain.BasePermission; |
||||
import org.springframework.security.acls.objectidentity.ObjectIdentity; |
||||
import org.springframework.security.acls.objectidentity.ObjectIdentityImpl; |
||||
import org.springframework.security.acls.sid.PrincipalSid; |
||||
|
||||
/** |
||||
* Tests {@link BasicLookupStrategy} |
||||
* |
||||
* @author Andrei Stefan |
||||
*/ |
||||
public class BasicLookupStrategyTests extends TestCase { |
||||
private AbstractXmlApplicationContext ctx; |
||||
|
||||
//~ Methods ========================================================================================================
|
||||
|
||||
private LookupStrategy getBasicLookupStrategy() { |
||||
ctx = new ClassPathXmlApplicationContext( |
||||
"classpath:org/springframework/security/acls/jdbc/applicationContext-test.xml"); |
||||
|
||||
return (LookupStrategy) ctx.getBean("lookupStrategy"); |
||||
} |
||||
|
||||
private void populateDatabase() { |
||||
JdbcTemplate jdbcTemplate = new JdbcTemplate((javax.sql.DataSource) this.ctx.getBean("dataSource")); |
||||
String query = "INSERT INTO acl_sid(ID,PRINCIPAL,SID) VALUES (1,1,'ben');" |
||||
+ "INSERT INTO acl_class(ID,CLASS) VALUES (2,'org.springframework.security.TargetObject');" |
||||
+ "INSERT INTO acl_object_identity(ID,OBJECT_ID_CLASS,OBJECT_ID_IDENTITY,PARENT_OBJECT,OWNER_SID,ENTRIES_INHERITING) VALUES (1,2,100,null,1,1);" |
||||
+ "INSERT INTO acl_object_identity(ID,OBJECT_ID_CLASS,OBJECT_ID_IDENTITY,PARENT_OBJECT,OWNER_SID,ENTRIES_INHERITING) VALUES (2,2,101,1,1,1);" |
||||
+ "INSERT INTO acl_object_identity(ID,OBJECT_ID_CLASS,OBJECT_ID_IDENTITY,PARENT_OBJECT,OWNER_SID,ENTRIES_INHERITING) VALUES (3,2,102,2,1,1);" |
||||
+ "INSERT INTO acl_entry(ID,ACL_OBJECT_IDENTITY,ACE_ORDER,SID,MASK,GRANTING,AUDIT_SUCCESS,AUDIT_FAILURE) VALUES (1,1,0,1,1,1,0,0);" |
||||
+ "INSERT INTO acl_entry(ID,ACL_OBJECT_IDENTITY,ACE_ORDER,SID,MASK,GRANTING,AUDIT_SUCCESS,AUDIT_FAILURE) VALUES (2,1,1,1,2,0,0,0);" |
||||
+ "INSERT INTO acl_entry(ID,ACL_OBJECT_IDENTITY,ACE_ORDER,SID,MASK,GRANTING,AUDIT_SUCCESS,AUDIT_FAILURE) VALUES (3,2,0,1,8,1,0,0);" |
||||
+ "INSERT INTO acl_entry(ID,ACL_OBJECT_IDENTITY,ACE_ORDER,SID,MASK,GRANTING,AUDIT_SUCCESS,AUDIT_FAILURE) VALUES (4,3,0,1,8,0,0,0);"; |
||||
jdbcTemplate.execute(query); |
||||
} |
||||
|
||||
private void emptyDatabase() { |
||||
JdbcTemplate jdbcTemplate = new JdbcTemplate((javax.sql.DataSource) this.ctx.getBean("dataSource")); |
||||
String query = "DELETE FROM acl_entry;" + "DELETE FROM acl_object_identity WHERE ID = 3;" |
||||
+ "DELETE FROM acl_object_identity WHERE ID = 2;" + "DELETE FROM acl_object_identity WHERE ID = 1;" |
||||
+ "DELETE FROM acl_class;" + "DELETE FROM acl_sid;"; |
||||
jdbcTemplate.execute(query); |
||||
} |
||||
|
||||
private void dropTables() { |
||||
JdbcTemplate jdbcTemplate = new JdbcTemplate((javax.sql.DataSource) this.ctx.getBean("dataSource")); |
||||
String query = "DROP TABLE acl_entry;" + "DROP TABLE acl_object_identity;" + "DROP TABLE acl_class;" |
||||
+ "DROP TABLE acl_sid;"; |
||||
jdbcTemplate.execute(query); |
||||
} |
||||
|
||||
protected void tearDown() throws Exception { |
||||
super.tearDown(); |
||||
dropTables(); |
||||
if (this.ctx != null) { |
||||
this.ctx.close(); |
||||
} |
||||
} |
||||
|
||||
public void testAclsRetrievalWithDefaultBatchSize() throws Exception { |
||||
LookupStrategy strategy = getBasicLookupStrategy(); |
||||
populateDatabase(); |
||||
|
||||
ObjectIdentity topParentOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(100)); |
||||
ObjectIdentity middleParentOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(101)); |
||||
ObjectIdentity childOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(102)); |
||||
|
||||
Map map = strategy.readAclsById(new ObjectIdentity[] { topParentOid, middleParentOid, childOid }, null); |
||||
checkEntries(topParentOid, middleParentOid, childOid, map); |
||||
} |
||||
|
||||
public void testAclsRetrievalFromCacheOnly() throws Exception { |
||||
LookupStrategy strategy = getBasicLookupStrategy(); |
||||
populateDatabase(); |
||||
|
||||
ObjectIdentity topParentOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(100)); |
||||
ObjectIdentity middleParentOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(101)); |
||||
ObjectIdentity childOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(102)); |
||||
|
||||
// Objects were put in cache
|
||||
strategy.readAclsById(new ObjectIdentity[] { topParentOid, middleParentOid, childOid }, null); |
||||
|
||||
// Let's empty the database to force acls retrieval from cache
|
||||
emptyDatabase(); |
||||
Map map = strategy.readAclsById(new ObjectIdentity[] { topParentOid, middleParentOid, childOid }, null); |
||||
|
||||
checkEntries(topParentOid, middleParentOid, childOid, map); |
||||
} |
||||
|
||||
public void testAclsRetrievalWithCustomBatchSize() throws Exception { |
||||
LookupStrategy strategy = getBasicLookupStrategy(); |
||||
populateDatabase(); |
||||
|
||||
ObjectIdentity topParentOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(100)); |
||||
ObjectIdentity middleParentOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(101)); |
||||
ObjectIdentity childOid = new ObjectIdentityImpl("org.springframework.security.TargetObject", new Long(102)); |
||||
|
||||
// Set a batch size to allow multiple database queries in order to retrieve all acls
|
||||
((BasicLookupStrategy) strategy).setBatchSize(1); |
||||
Map map = strategy.readAclsById(new ObjectIdentity[] { topParentOid, middleParentOid, childOid }, null); |
||||
checkEntries(topParentOid, middleParentOid, childOid, map); |
||||
} |
||||
|
||||
private void checkEntries(ObjectIdentity topParentOid, ObjectIdentity middleParentOid, ObjectIdentity childOid, Map map) |
||||
throws Exception { |
||||
assertEquals(3, map.size()); |
||||
|
||||
MutableAcl topParent = (MutableAcl) map.get(topParentOid); |
||||
MutableAcl middleParent = (MutableAcl) map.get(middleParentOid); |
||||
MutableAcl child = (MutableAcl) map.get(childOid); |
||||
|
||||
// Check the retrieved versions has IDs
|
||||
Assert.assertNotNull(topParent.getId()); |
||||
Assert.assertNotNull(middleParent.getId()); |
||||
Assert.assertNotNull(child.getId()); |
||||
|
||||
// Check their parents were correctly retrieved
|
||||
Assert.assertNull(topParent.getParentAcl()); |
||||
Assert.assertEquals(topParentOid, middleParent.getParentAcl().getObjectIdentity()); |
||||
Assert.assertEquals(middleParentOid, child.getParentAcl().getObjectIdentity()); |
||||
|
||||
// Check their ACEs were correctly retrieved
|
||||
Assert.assertEquals(2, topParent.getEntries().length); |
||||
Assert.assertEquals(1, middleParent.getEntries().length); |
||||
Assert.assertEquals(1, child.getEntries().length); |
||||
|
||||
// Check object identities were correctly retrieved
|
||||
Assert.assertEquals(topParentOid, topParent.getObjectIdentity()); |
||||
Assert.assertEquals(middleParentOid, middleParent.getObjectIdentity()); |
||||
Assert.assertEquals(childOid, child.getObjectIdentity()); |
||||
|
||||
// Check each entry
|
||||
Assert.assertTrue(topParent.isEntriesInheriting()); |
||||
Assert.assertEquals(topParent.getId(), new Long(1)); |
||||
Assert.assertEquals(topParent.getOwner(), new PrincipalSid("ben")); |
||||
Assert.assertEquals(topParent.getEntries()[0].getId(), new Long(1)); |
||||
Assert.assertEquals(topParent.getEntries()[0].getPermission(), BasePermission.READ); |
||||
Assert.assertEquals(topParent.getEntries()[0].getSid(), new PrincipalSid("ben")); |
||||
Assert.assertFalse(((AuditableAccessControlEntry) topParent.getEntries()[0]).isAuditFailure()); |
||||
Assert.assertFalse(((AuditableAccessControlEntry) topParent.getEntries()[0]).isAuditSuccess()); |
||||
Assert.assertTrue(((AuditableAccessControlEntry) topParent.getEntries()[0]).isGranting()); |
||||
|
||||
Assert.assertEquals(topParent.getEntries()[1].getId(), new Long(2)); |
||||
Assert.assertEquals(topParent.getEntries()[1].getPermission(), BasePermission.WRITE); |
||||
Assert.assertEquals(topParent.getEntries()[1].getSid(), new PrincipalSid("ben")); |
||||
Assert.assertFalse(((AuditableAccessControlEntry) topParent.getEntries()[1]).isAuditFailure()); |
||||
Assert.assertFalse(((AuditableAccessControlEntry) topParent.getEntries()[1]).isAuditSuccess()); |
||||
Assert.assertFalse(((AuditableAccessControlEntry) topParent.getEntries()[1]).isGranting()); |
||||
|
||||
Assert.assertTrue(middleParent.isEntriesInheriting()); |
||||
Assert.assertEquals(middleParent.getId(), new Long(2)); |
||||
Assert.assertEquals(middleParent.getOwner(), new PrincipalSid("ben")); |
||||
Assert.assertEquals(middleParent.getEntries()[0].getId(), new Long(3)); |
||||
Assert.assertEquals(middleParent.getEntries()[0].getPermission(), BasePermission.DELETE); |
||||
Assert.assertEquals(middleParent.getEntries()[0].getSid(), new PrincipalSid("ben")); |
||||
Assert.assertFalse(((AuditableAccessControlEntry) middleParent.getEntries()[0]).isAuditFailure()); |
||||
Assert.assertFalse(((AuditableAccessControlEntry) middleParent.getEntries()[0]).isAuditSuccess()); |
||||
Assert.assertTrue(((AuditableAccessControlEntry) middleParent.getEntries()[0]).isGranting()); |
||||
|
||||
Assert.assertTrue(child.isEntriesInheriting()); |
||||
Assert.assertEquals(child.getId(), new Long(3)); |
||||
Assert.assertEquals(child.getOwner(), new PrincipalSid("ben")); |
||||
Assert.assertEquals(child.getEntries()[0].getId(), new Long(4)); |
||||
Assert.assertEquals(child.getEntries()[0].getPermission(), BasePermission.DELETE); |
||||
Assert.assertEquals(child.getEntries()[0].getSid(), new PrincipalSid("ben")); |
||||
Assert.assertFalse(((AuditableAccessControlEntry) child.getEntries()[0]).isAuditFailure()); |
||||
Assert.assertFalse(((AuditableAccessControlEntry) child.getEntries()[0]).isAuditSuccess()); |
||||
Assert.assertFalse(((AuditableAccessControlEntry) child.getEntries()[0]).isGranting()); |
||||
} |
||||
} |
||||
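Review bot: tearDown() calls `dropTables()` before the `if (this.ctx != null)` check, but dropTables() dereferences `this.ctx` to obtain the dataSource, so if the application context fails to load in getBasicLookupStrategy() the teardown throws a NullPointerException that hides the original failure. Moving the drop inside the null check and closing the context in a `finally` also keeps a failed DROP from leaving the context, and whatever database it holds, open for the next test. Separately, testAclsRetrievalFromCacheOnly pins that ACLs whose rows were deleted are still returned; a one-line comment saying this relies on the cache presumably configured in applicationContext-test.xml (not shown here), with nothing evicting it, would keep readers from taking it as the expected behaviour after a revocation.

```java
protected void tearDown() throws Exception {
    try {
        if (this.ctx != null) {
            try {
                dropTables();
            } finally {
                this.ctx.close();
            }
        }
    } finally {
        super.tearDown();
    }
}
```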