1   /**
2    * 
3    */
4   package org.springframework.richclient.security.support;
5   
6   import java.util.Iterator;
7   
8   import junit.framework.TestCase;
9   
10  import org.springframework.security.Authentication;
11  import org.springframework.security.ConfigAttribute;
12  import org.springframework.security.ConfigAttributeDefinition;
13  import org.springframework.security.GrantedAuthority;
14  import org.springframework.security.GrantedAuthorityImpl;
15  import org.springframework.security.providers.TestingAuthenticationToken;
16  
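/**
 * Tests for {@link UserRoleSecurityController}: parsing of the comma-separated role
 * string, and propagation of authorization decisions to controlled objects as the
 * authentication token changes.
 * <p>
 * The authorization test also pins the deny-by-default cases: no token yet, a token
 * without a matching role, and a {@code null} token must all leave the controlled
 * object unauthorized.
 *
 * @author Larry Streepy
 */
public class UserRoleSecurityControllerTests extends TestCase {

    /** Controller under test; re-created for every test in {@link #setUp()}. */
    private TestUserRoleSecurityController controller;

    /*
     * @see TestCase#setUp()
     */
    protected void setUp() throws Exception {
        super.setUp();
        // A fresh controller per test, so roles or tokens never leak between tests.
        controller = new TestUserRoleSecurityController();
    }

    /**
     * Test that the role string is properly parsed into one config attribute per role,
     * in the order given.
     */
    public void testSetAuthorizingRoles() {
        controller.setAuthorizingRoles( "ROLE_1,ROLE_2" );

        ConfigAttributeDefinition cad = controller.getParsedConfigs();
        // assertEquals reports the actual size on failure; assertTrue( x == 2 ) would not.
        assertEquals( "Should be 2 roles", 2, cad.getConfigAttributes().size() );

        Iterator iter = cad.getConfigAttributes().iterator();
        ConfigAttribute attr1 = (ConfigAttribute) iter.next();
        ConfigAttribute attr2 = (ConfigAttribute) iter.next();

        // JUnit order is (message, expected, actual); keeping it makes failure output truthful.
        assertEquals( "Should be ROLE_1", "ROLE_1", attr1.getAttribute() );
        assertEquals( "Should be ROLE_2", "ROLE_2", attr2.getAttribute() );
    }

    /**
     * Test that objects are properly authorized when the user holds any of the indicated
     * roles, and that authorization is withdrawn again when the token changes to one
     * without a matching role or to {@code null}.
     */
    public void testAuthorization() {
        controller.setAuthorizingRoles( "ROLE_1,ROLE_2" );

        TestAuthorizable a1 = new TestAuthorizable( false );

        // No authentication token has been set yet: the object must stay unauthorized.
        controller.addControlledObject( a1 );
        assertFalse( "Object should not be authorized", a1.isAuthorized() );

        // Now set the authentication token so that it contains one of these roles.
        // Holding ROLE_1 alone is enough; ROLE_2 is not required.
        Authentication auth = new TestingAuthenticationToken( "USER1", "FOO",
            new GrantedAuthority[] { new GrantedAuthorityImpl( "ROLE_1" ) } );
        controller.setAuthenticationToken( auth );

        assertTrue( "Object should be authorized", a1.isAuthorized() );
        // NOTE(review): presumably getAuthCount() counts authorization updates, one from
        // addControlledObject and one per token change; TestAuthorizable is defined
        // elsewhere, confirm there.
        assertEquals( "Object should be updated", 2, a1.getAuthCount() );

        // Now to a token that does not contain one of the roles. The previously granted
        // authorization must be revoked, not left over from the earlier token.
        auth = new TestingAuthenticationToken( "USER1", "FOO",
            new GrantedAuthority[] { new GrantedAuthorityImpl( "ROLE_NOTFOUND" ) } );
        controller.setAuthenticationToken( auth );

        assertFalse( "Object should not be authorized", a1.isAuthorized() );
        assertEquals( "Object should be updated", 3, a1.getAuthCount() );

        // Now to a null token: the controller must fail closed, and the controlled
        // object must still be notified.
        controller.setAuthenticationToken( null );

        assertFalse( "Object should not be authorized", a1.isAuthorized() );
        assertEquals( "Object should be updated", 4, a1.getAuthCount() );
    }

    /**
     * More accessible implementation: exposes the controller's parsed role configuration
     * so the tests can inspect it.
     */
    public class TestUserRoleSecurityController extends UserRoleSecurityController {
        /**
         * Returns the result of {@code getConfigAttributeDefinition( null )}.
         */
        public ConfigAttributeDefinition getParsedConfigs() {
            return getConfigAttributeDefinition( null );
        }
    }
}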