import org.apache.commons.lang.SystemUtils;
import org.apache.archiva.redback.keys.KeyManagerException;
import org.apache.archiva.redback.rbac.RbacManagerException;
-import org.codehaus.plexus.redback.tests.utils.RBACDefaults;
+import org.apache.archiva.redback.tests.utils.RBACDefaults;
import org.apache.archiva.redback.users.User;
import org.codehaus.plexus.util.FileUtils;
import org.codehaus.plexus.util.IOUtil;
*/
import org.apache.archiva.redback.rbac.RBACManager;
-import org.apache.archiva.redback.rbac.cached.CachedRbacManager;
-import org.codehaus.plexus.redback.tests.AbstractRbacManagerPerformanceTestCase;
+import org.apache.archiva.redback.tests.AbstractRbacManagerPerformanceTestCase;
import org.junit.After;
import org.junit.Before;
import net.sf.ehcache.CacheManager;
import org.apache.archiva.redback.rbac.RBACManager;
-import org.apache.archiva.redback.rbac.cached.CachedRbacManager;
-import org.codehaus.plexus.redback.tests.AbstractRbacManagerTestCase;
+import org.apache.archiva.redback.tests.AbstractRbacManagerTestCase;
import org.junit.Before;
import javax.inject.Inject;
import net.sf.ehcache.CacheManager;
import org.apache.archiva.redback.rbac.RbacManagerException;
-import org.apache.archiva.redback.rbac.jdo.JdoRbacManager;
import org.codehaus.plexus.jdo.DefaultConfigurableJdoFactory;
import org.apache.archiva.redback.common.jdo.test.StoreManagerDebug;
import org.apache.archiva.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.tests.AbstractRbacManagerTestCase;
+import org.apache.archiva.redback.tests.AbstractRbacManagerTestCase;
import org.jpox.AbstractPersistenceManagerFactory;
import org.jpox.SchemaTool;
import org.junit.Before;
*/
import org.apache.archiva.redback.rbac.RBACManager;
-import org.codehaus.plexus.redback.tests.AbstractRbacManagerTestCase;
+import org.apache.archiva.redback.tests.AbstractRbacManagerTestCase;
import org.junit.Before;
import javax.inject.Inject;
--- /dev/null
+package org.apache.archiva.redback.tests;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+import junit.framework.TestCase;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.UserAssignment;
+import org.apache.archiva.redback.rbac.Operation;
+import org.apache.archiva.redback.tests.utils.RBACDefaults;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import java.util.Collections;
+
+@RunWith( SpringJUnit4ClassRunner.class )
+@ContextConfiguration( locations = { "classpath*:/META-INF/spring-context.xml", "classpath*:/spring-context.xml" } )
+public class AbstractRbacManagerPerformanceTestCase
+ extends TestCase
+{
+ private RBACManager rbacManager;
+
+ private RBACDefaults rbacDefaults;
+
+ public void setRbacManager( RBACManager store )
+ {
+ this.rbacManager = store;
+ rbacDefaults = new RBACDefaults( rbacManager );
+ }
+
+ public void setUp()
+ throws Exception
+ {
+ super.setUp();
+ }
+
+ public void tearDown()
+ throws Exception
+ {
+ super.tearDown();
+ }
+
+ private Role getDeveloperRole()
+ throws RbacManagerException
+ {
+ Role role = rbacManager.createRole( "DEVELOPER" );
+ role.setAssignable( true );
+
+ Permission perm = rbacManager.createPermission( "EDIT_MY_USER", "EDIT", "User:Self" );
+
+ role.addPermission( perm );
+
+ return role;
+ }
+
+ private Role getSuperDeveloperRole()
+ {
+ Role role = rbacManager.createRole( "SUPER_DEVELOPER" );
+ role.setAssignable( true );
+
+ return role;
+ }
+
+ private static final int ITERATIONS = 10000;
+
+ private static final int ONESECOND = 1000;
+
+ public void assertPerformance( String msg, long startTime, long endTime, int iterations, double threshold )
+ {
+ long elapsed = endTime - startTime;
+ double ratio = (double) elapsed / (double) ONESECOND; // ratio of time to 1 second.
+ double opsPerSecond = (double) iterations / ratio;
+
+ System.out.println( "Performance " + msg + ": " + opsPerSecond + " operations per second. (effective)" );
+
+ if ( opsPerSecond < threshold )
+ {
+ // Failure
+
+ StringBuffer stats = new StringBuffer();
+
+ stats.append( "Stats on " ).append( msg );
+ stats.append( "\nStart Time (ms): " ).append( Long.toString( startTime ) );
+ stats.append( "\nEnd Time (ms) : " ).append( Long.toString( endTime ) );
+ stats.append( "\nElapsed (ms) : " ).append( Long.toString( elapsed ) );
+ stats.append( "\nRatio : " ).append( Double.toString( ratio ) );
+ stats.append( "\nOps per second : " ).append( Double.toString( opsPerSecond ) );
+
+ System.out.println( stats.toString() );
+
+ fail( "Performance Error: " + msg + " expecting greater than [" + threshold + "], actual [" + opsPerSecond
+ + "]" );
+ }
+ }
+
+ @Test
+ public void testPerformanceResource()
+ throws RbacManagerException
+ {
+ assertNotNull( rbacManager );
+ rbacManager.eraseDatabase();
+
+ Resource resource = rbacManager.createResource( "foo" );
+ Resource resource2 = rbacManager.createResource( "bar" );
+
+ assertNotNull( resource );
+
+ Resource added = rbacManager.saveResource( resource );
+ assertNotNull( added );
+ Resource added2 = rbacManager.saveResource( resource2 );
+ assertNotNull( added2 );
+
+ assertEquals( 2, rbacManager.getAllResources().size() );
+
+ String resFooId = resource.getIdentifier();
+ String resBarId = resource2.getIdentifier();
+ long startTime = System.currentTimeMillis();
+
+ for ( int i = 0; i <= ITERATIONS; i++ )
+ {
+ Resource resFoo = rbacManager.getResource( resFooId );
+ Resource resBar = rbacManager.getResource( resBarId );
+
+ assertNotNull( resFoo );
+ assertNotNull( resBar );
+
+ assertEquals( "foo", resFoo.getIdentifier() );
+ assertEquals( "bar", resBar.getIdentifier() );
+ }
+
+ long endTime = System.currentTimeMillis();
+
+ assertPerformance( "Resource", startTime, endTime, ITERATIONS, 500.0 );
+ }
+
+ @Test
+ public void testPerformanceUserAssignment()
+ throws RbacManagerException
+ {
+ RBACManager manager = rbacManager;
+
+ rbacManager.eraseDatabase();
+
+ Role devRole = getDeveloperRole();
+ Role devPlusRole = getSuperDeveloperRole();
+ devPlusRole.setChildRoleNames( Collections.singletonList( devRole.getName() ) );
+ devRole = manager.saveRole( devRole );
+ devPlusRole = manager.saveRole( devPlusRole );
+
+ // Setup User / Assignment with 1 role.
+ String username = "bob";
+ UserAssignment assignment = manager.createUserAssignment( username );
+ assignment.addRoleName( devRole );
+ assignment = manager.saveUserAssignment( assignment );
+
+ assertEquals( 1, manager.getAllUserAssignments().size() );
+ assertEquals( "should be only one role assigned", 1, manager.getAssignedRoles( assignment.getPrincipal() )
+ .size() );
+ assertEquals( "should be one role left to assign", 1, manager.getUnassignedRoles( assignment.getPrincipal() )
+ .size() );
+ assertEquals( 2, manager.getAllRoles().size() );
+
+ // assign the same role again to the same user
+ assignment.addRoleName( devRole.getName() );
+ manager.saveUserAssignment( assignment );
+
+ // we certainly shouldn't have 2 roles here now
+ assertEquals( 1, assignment.getRoleNames().size() );
+
+ String bobId = assignment.getPrincipal();
+
+ username = "janet";
+
+ devPlusRole.setChildRoleNames( Collections.singletonList( devRole.getName() ) );
+ devRole = manager.saveRole( devRole );
+ manager.saveRole( devPlusRole );
+
+ assignment = manager.createUserAssignment( username );
+ assignment.addRoleName( devRole );
+ assignment = manager.saveUserAssignment( assignment );
+
+ assertEquals( 2, manager.getAllUserAssignments().size() );
+ assertEquals( "should be only one role assigned", 1, manager.getAssignedRoles( assignment.getPrincipal() )
+ .size() );
+ assertEquals( "should be one role left to assign", 1, manager.getUnassignedRoles( assignment.getPrincipal() )
+ .size() );
+ assertEquals( 2, manager.getAllRoles().size() );
+
+ // assign the same role again to the same user
+ assignment.addRoleName( devRole.getName() );
+ manager.saveUserAssignment( assignment );
+
+ // we certainly shouldn't have 2 roles here now
+ assertEquals( 1, assignment.getRoleNames().size() );
+
+ String janetId = assignment.getPrincipal();
+
+ long startTime = System.currentTimeMillis();
+
+ for ( int i = 0; i <= ITERATIONS; i++ )
+ {
+ UserAssignment uaBob = rbacManager.getUserAssignment( bobId );
+ UserAssignment uaJanet = rbacManager.getUserAssignment( janetId );
+
+ assertNotNull( uaBob );
+ assertNotNull( uaJanet );
+
+ assertEquals( "bob", uaBob.getPrincipal() );
+ assertEquals( "janet", uaJanet.getPrincipal() );
+ }
+
+ long endTime = System.currentTimeMillis();
+ assertPerformance( "UserAssignment", startTime, endTime, ITERATIONS, 350.0 );
+ }
+
+ @Test
+ public void testPerformanceRoles()
+ throws RbacManagerException
+ {
+ rbacDefaults.createDefaults();
+
+ String roleIdSysAdmin = "System Administrator";
+ String roleIdUserAdmin = "User Administrator";
+
+ long startTime = System.currentTimeMillis();
+
+ for ( int i = 0; i <= ITERATIONS; i++ )
+ {
+ Role roleSysAdmin = rbacManager.getRole( roleIdSysAdmin );
+ Role roleUserAdmin = rbacManager.getRole( roleIdUserAdmin );
+
+ assertNotNull( roleSysAdmin );
+ assertNotNull( roleUserAdmin );
+
+ assertEquals( roleIdSysAdmin, roleSysAdmin.getName() );
+ assertEquals( roleIdUserAdmin, roleUserAdmin.getName() );
+ }
+
+ long endTime = System.currentTimeMillis();
+
+ assertPerformance( "Roles", startTime, endTime, ITERATIONS, 130 );
+ }
+
+ @Test
+ public void testPerformancePermissions()
+ throws RbacManagerException
+ {
+ rbacDefaults.createDefaults();
+
+ String permIdRunIndexer = "Run Indexer";
+ String permIdAddRepo = "Add Repository";
+
+ long startTime = System.currentTimeMillis();
+
+ for ( int i = 0; i <= ITERATIONS; i++ )
+ {
+ Permission permRunIndex = rbacManager.getPermission( permIdRunIndexer );
+ Permission permAddRepo = rbacManager.getPermission( permIdAddRepo );
+
+ assertNotNull( permRunIndex );
+ assertNotNull( permAddRepo );
+
+ assertEquals( permIdRunIndexer, permRunIndex.getName() );
+ assertEquals( permIdAddRepo, permAddRepo.getName() );
+ }
+
+ long endTime = System.currentTimeMillis();
+
+ assertPerformance( "Permissions", startTime, endTime, ITERATIONS, 350 );
+ }
+
+ @Test
+ public void testPerformanceOperations()
+ throws RbacManagerException
+ {
+ rbacDefaults.createDefaults();
+
+ String operIdEditRepo = "edit-repository";
+ String operIdDelRepo = "delete-repository";
+
+ long startTime = System.currentTimeMillis();
+
+ for ( int i = 0; i <= ITERATIONS; i++ )
+ {
+ Operation operEditRepo = rbacManager.getOperation( operIdEditRepo );
+ Operation operDelRepo = rbacManager.getOperation( operIdDelRepo );
+
+ assertNotNull( operEditRepo );
+ assertNotNull( operDelRepo );
+
+ assertEquals( operIdEditRepo, operEditRepo.getName() );
+ assertEquals( operIdDelRepo, operDelRepo.getName() );
+ }
+
+ long endTime = System.currentTimeMillis();
+
+ assertPerformance( "Operations", startTime, endTime, ITERATIONS, 500 );
+ }
+}
\ No newline at end of file
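Review bot: `AbstractRbacManagerPerformanceTestCase` is declared `public class` rather than `public abstract class`, although it carries `@RunWith` and `@Test` methods and receives its `rbacManager` only through `setRbacManager`. A runner that picks the class up directly would reach `rbacDefaults.createDefaults()` in `testPerformanceRoles`, `testPerformancePermissions` and `testPerformanceOperations` with `rbacDefaults` still null, and fail with a NullPointerException rather than a clear assertion. I would declare it `public abstract class AbstractRbacManagerPerformanceTestCase`, matching `AbstractRbacManagerTestCase` in the same commit, and open those three tests with `assertNotNull( rbacManager );` as `testPerformanceResource` does. Separately, every timing loop is written `i <= ITERATIONS` and so runs 10001 passes while `assertPerformance` is told `ITERATIONS`; `i < ITERATIONS` would make the reported count match the passes actually timed.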
--- /dev/null
+package org.apache.archiva.redback.tests;
+
+/*
+ * Copyright 2001-2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import junit.framework.TestCase;
+import org.apache.archiva.redback.rbac.Operation;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.rbac.Resource;
+import org.apache.archiva.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.UserAssignment;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.RbacPermanentException;
+import org.apache.archiva.redback.tests.utils.RBACDefaults;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import java.util.Collection;
+import java.util.Collections;
+import java.util.List;
+import java.util.Set;
+
+/**
+ * AbstractRbacManagerTestCase
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+@RunWith( SpringJUnit4ClassRunner.class )
+@ContextConfiguration( locations = { "classpath*:/META-INF/spring-context.xml", "classpath*:/spring-context.xml" } )
+public abstract class AbstractRbacManagerTestCase
+ extends TestCase
+{
+ private RBACManager rbacManager;
+
+ protected RbacManagerEventTracker eventTracker;
+
+ private RBACDefaults rbacDefaults;
+
+ public void setRbacManager( RBACManager store )
+ {
+ this.rbacManager = store;
+ if ( this.rbacManager != null )
+ {
+ this.eventTracker = new RbacManagerEventTracker();
+ this.rbacManager.addListener( eventTracker );
+ }
+ rbacDefaults = new RBACDefaults( rbacManager );
+ }
+
+ public RBACManager getRbacManager()
+ {
+ return this.rbacManager;
+ }
+
+ public void setUp()
+ throws Exception
+ {
+ super.setUp();
+ }
+
+ public void tearDown()
+ throws Exception
+ {
+ super.tearDown();
+ }
+
+ private Role getAdminRole()
+ throws RbacManagerException
+ {
+ Role role = rbacManager.createRole( "ADMIN" );
+ role.setAssignable( false );
+
+ Permission perm = rbacManager.createPermission( "EDIT_ANY_USER", "EDIT", "User:*" );
+
+ role.addPermission( perm );
+
+ return role;
+ }
+
+ private Role getDeveloperRole()
+ throws RbacManagerException
+ {
+ Role role = rbacManager.createRole( "DEVELOPER" );
+ role.setAssignable( true );
+
+ Permission perm = rbacManager.createPermission( "EDIT_MY_USER", "EDIT", "User:Self" );
+
+ role.addPermission( perm );
+
+ return role;
+ }
+
+ private Role getProjectAdminRole()
+ throws RbacManagerException
+ {
+ Role role = rbacManager.createRole( "PROJECT_ADMIN" );
+ role.setAssignable( true );
+
+ Permission perm = rbacManager.createPermission( "EDIT_PROJECT", "EDIT", "Project:Foo" );
+
+ role.addPermission( perm );
+
+ return role;
+ }
+
+ private Role getSuperDeveloperRole()
+ {
+ Role role = rbacManager.createRole( "SUPER_DEVELOPER" );
+ role.setAssignable( true );
+
+ return role;
+ }
+
+ @Test
+ public void testStoreInitialization()
+ throws Exception
+ {
+ assertNotNull( rbacManager );
+
+ Role role = getAdminRole();
+
+ assertNotNull( role );
+
+ Role added = rbacManager.saveRole( role );
+
+ assertEquals( 1, rbacManager.getAllRoles().size() );
+
+ assertNotNull( added );
+
+ rbacManager.removeRole( added );
+
+ assertEquals( 0, rbacManager.getAllRoles().size() );
+
+ /* Assert some event tracker stuff */
+ assertNotNull( eventTracker );
+ //assertEquals( 1, eventTracker.initCount );
+ //assertTrue( eventTracker.lastDbFreshness.booleanValue() );
+
+ assertEquals( 1, eventTracker.addedRoleNames.size() );
+ assertEquals( 1, eventTracker.removedRoleNames.size() );
+ assertEquals( 1, eventTracker.addedPermissionNames.size() );
+ assertEquals( 0, eventTracker.removedPermissionNames.size() );
+ }
+
+ @Test
+ public void testResources()
+ throws Exception
+ {
+ assertNotNull( rbacManager );
+
+ rbacManager.eraseDatabase();
+ eventTracker.rbacInit( true );
+
+ Resource resource = rbacManager.createResource( "foo" );
+ Resource resource2 = rbacManager.createResource( "bar" );
+
+ assertNotNull( resource );
+
+ Resource added = rbacManager.saveResource( resource );
+ assertNotNull( added );
+ Resource added2 = rbacManager.saveResource( resource2 );
+ assertNotNull( added2 );
+
+ assertEquals( 2, rbacManager.getAllResources().size() );
+
+ rbacManager.removeResource( added );
+
+ assertEquals( 1, rbacManager.getAllResources().size() );
+
+ /* Assert some event tracker stuff */
+ assertNotNull( eventTracker );
+ assertEquals( 1, eventTracker.initCount );
+ assertTrue( eventTracker.lastDbFreshness.booleanValue() );
+
+ assertEquals( 0, eventTracker.addedRoleNames.size() );
+ assertEquals( 0, eventTracker.removedRoleNames.size() );
+ assertEquals( 0, eventTracker.addedPermissionNames.size() );
+ assertEquals( 0, eventTracker.removedPermissionNames.size() );
+ }
+
+ @Test
+ public void testAddGetPermission()
+ throws RbacManagerException
+ {
+ assertNotNull( rbacManager );
+
+ rbacManager.eraseDatabase();
+ eventTracker.rbacInit( true );
+
+ Role adminRole = rbacManager.saveRole( getAdminRole() );
+ rbacManager.saveRole( getDeveloperRole() );
+
+ assertEquals( 2, rbacManager.getAllRoles().size() );
+ assertEquals( 2, rbacManager.getAllPermissions().size() );
+
+ Permission createUserPerm = rbacManager.createPermission( "CREATE_USER", "CREATE", "User" );
+
+ // perm shouldn't exist in manager (yet)
+ assertEquals( 2, rbacManager.getAllPermissions().size() );
+
+ adminRole.addPermission( createUserPerm );
+ rbacManager.saveRole( adminRole );
+
+ // perm should exist in manager now.
+ assertEquals( 3, rbacManager.getAllPermissions().size() );
+ Permission fetched = rbacManager.getPermission( "CREATE_USER" );
+ assertNotNull( fetched );
+
+ /* Assert some event tracker stuff */
+ assertNotNull( eventTracker );
+ assertEquals( 1, eventTracker.initCount );
+ assertTrue( eventTracker.lastDbFreshness.booleanValue() );
+
+ assertEquals( 2, eventTracker.addedRoleNames.size() );
+ assertEquals( 0, eventTracker.removedRoleNames.size() );
+ assertEquals( 3, eventTracker.addedPermissionNames.size() );
+ assertEquals( 0, eventTracker.removedPermissionNames.size() );
+ }
+
+ @Test
+ public void testAddGetRole()
+ throws RbacManagerException
+ {
+ assertNotNull( rbacManager );
+
+ rbacManager.eraseDatabase();
+ eventTracker.rbacInit( true );
+
+ Role adminRole = rbacManager.saveRole( getAdminRole() );
+ Role develRole = rbacManager.saveRole( getDeveloperRole() );
+
+ assertEquals( 2, rbacManager.getAllRoles().size() );
+
+ Role actualAdmin = rbacManager.getRole( adminRole.getName() );
+ Role actualDevel = rbacManager.getRole( develRole.getName() );
+
+ assertEquals( adminRole, actualAdmin );
+ assertEquals( develRole, actualDevel );
+
+ /* Assert some event tracker stuff */
+ assertNotNull( eventTracker );
+ assertEquals( 1, eventTracker.initCount );
+ assertTrue( eventTracker.lastDbFreshness.booleanValue() );
+
+ assertEquals( 2, eventTracker.addedRoleNames.size() );
+ assertEquals( 0, eventTracker.removedRoleNames.size() );
+ assertEquals( 2, eventTracker.addedPermissionNames.size() );
+ assertEquals( 0, eventTracker.removedPermissionNames.size() );
+ }
+
+ @Test
+ public void testAllowRoleWithoutPermissions()
+ throws RbacManagerException
+ {
+ assertNotNull( rbacManager );
+
+ rbacManager.eraseDatabase();
+ eventTracker.rbacInit( true );
+
+ String rolename = "Test Role";
+
+ Role testRole = rbacManager.createRole( rolename );
+ testRole = rbacManager.saveRole( testRole );
+
+ assertNotNull( testRole );
+ assertEquals( 1, rbacManager.getAllRoles().size() );
+ assertEquals( 0, rbacManager.getAllPermissions().size() );
+
+ Role actualRole = rbacManager.getRole( rolename );
+
+ assertEquals( testRole, actualRole );
+ assertEquals( 1, rbacManager.getAllRoles().size() );
+ assertEquals( 0, rbacManager.getAllPermissions().size() );
+
+ /* Assert some event tracker stuff */
+ assertNotNull( eventTracker );
+ assertEquals( 1, eventTracker.initCount );
+ assertTrue( eventTracker.lastDbFreshness.booleanValue() );
+
+ assertEquals( 1, eventTracker.addedRoleNames.size() );
+ assertEquals( 0, eventTracker.removedRoleNames.size() );
+ assertEquals( 0, eventTracker.addedPermissionNames.size() );
+ assertEquals( 0, eventTracker.removedPermissionNames.size() );
+ }
+
+ @Test
+ public void testAddGetChildRole()
+ throws RbacManagerException
+ {
+ RBACManager manager = rbacManager;
+ assertNotNull( manager );
+
+ rbacManager.eraseDatabase();
+ eventTracker.rbacInit( true );
+
+ Role adminRole = manager.saveRole( getAdminRole() );
+ Role develRole = manager.saveRole( getDeveloperRole() );
+
+ assertEquals( 2, manager.getAllRoles().size() );
+
+ Role actualAdmin = manager.getRole( adminRole.getName() );
+ Role actualDevel = manager.getRole( develRole.getName() );
+
+ assertEquals( adminRole, actualAdmin );
+ assertEquals( develRole, actualDevel );
+
+ // Now add a child role.
+ manager.addChildRole( develRole, getProjectAdminRole() );
+
+ manager.saveRole( develRole );
+
+ assertEquals( 3, manager.getAllRoles().size() );
+
+ /* Assert some event tracker stuff */
+ assertNotNull( eventTracker );
+ assertEquals( 1, eventTracker.initCount );
+ assertTrue( eventTracker.lastDbFreshness.booleanValue() );
+
+ assertEquals( 3, eventTracker.addedRoleNames.size() );
+ assertEquals( 0, eventTracker.removedRoleNames.size() );
+ assertEquals( 3, eventTracker.addedPermissionNames.size() );
+ assertEquals( 0, eventTracker.removedPermissionNames.size() );
+ }
+
+ @Test
+ public void testAddGetChildRoleViaName()
+ throws RbacManagerException
+ {
+ RBACManager manager = rbacManager;
+ rbacManager.eraseDatabase();
+ eventTracker.rbacInit( true );
+ assertNotNull( manager );
+
+ Role adminRole = manager.saveRole( getAdminRole() );
+ Role develRole = manager.saveRole( getDeveloperRole() );
+
+ assertEquals( 2, manager.getAllRoles().size() );
+
+ Role actualAdmin = manager.getRole( adminRole.getName() );
+ Role actualDevel = manager.getRole( develRole.getName() );
+
+ assertEquals( adminRole, actualAdmin );
+ assertEquals( develRole, actualDevel );
+
+ // Now do a child role.
+ Role projectRole = getProjectAdminRole();
+ String projectRoleName = projectRole.getName();
+ manager.saveRole( projectRole );
+
+ develRole.addChildRoleName( projectRoleName );
+
+ manager.saveRole( develRole );
+
+ assertEquals( 3, manager.getAllRoles().size() );
+
+ /* Assert some event tracker stuff */
+ assertNotNull( eventTracker );
+ assertEquals( 1, eventTracker.initCount );
+ assertTrue( eventTracker.lastDbFreshness.booleanValue() );
+
+ assertEquals( 3, eventTracker.addedRoleNames.size() );
+ assertEquals( 0, eventTracker.removedRoleNames.size() );
+ assertEquals( 3, eventTracker.addedPermissionNames.size() );
+ assertEquals( 0, eventTracker.removedPermissionNames.size() );
+ }
+
+ @Test
+ public void testUserAssignmentAddRole()
+ throws RbacManagerException
+ {
+ RBACManager manager = rbacManager;
+
+ rbacManager.eraseDatabase();
+ eventTracker.rbacInit( true );
+
+ Role adminRole = manager.saveRole( getAdminRole() );
+
+ assertEquals( 1, manager.getAllRoles().size() );
+
+ String adminPrincipal = "admin";
+
+ UserAssignment assignment = manager.createUserAssignment( adminPrincipal );
+
+ assignment.addRoleName( adminRole );
+
+ manager.saveUserAssignment( assignment );
+
+ assertEquals( 1, manager.getAllUserAssignments().size() );
+ assertEquals( 1, manager.getAllRoles().size() );
+
+ UserAssignment ua = manager.getUserAssignment( adminPrincipal );
+ assertNotNull( ua );
+
+ Role fetched = manager.getRole( "ADMIN" );
+ assertNotNull( fetched );
+
+ /* Assert some event tracker stuff */
+ assertNotNull( eventTracker );
+ assertEquals( 1, eventTracker.initCount );
+ assertTrue( eventTracker.lastDbFreshness.booleanValue() );
+
+ assertEquals( 1, eventTracker.addedRoleNames.size() );
+ assertEquals( 0, eventTracker.removedRoleNames.size() );
+ assertEquals( 1, eventTracker.addedPermissionNames.size() );
+ assertEquals( 0, eventTracker.removedPermissionNames.size() );
+ }
+
+ @Test
+ public void testUserAssignmentWithChildRoles()
+ throws RbacManagerException
+ {
+ RBACManager manager = rbacManager;
+ rbacManager.eraseDatabase();
+ Role developerRole = manager.saveRole( getDeveloperRole() );
+
+ Role adminRole = getAdminRole();
+
+ adminRole.addChildRoleName( developerRole.getName() );
+
+ adminRole = manager.saveRole( adminRole );
+
+ String adminPrincipal = "admin";
+ UserAssignment assignment = manager.createUserAssignment( adminPrincipal );
+ assignment.addRoleName( adminRole );
+ assignment = manager.saveUserAssignment( assignment );
+
+ assertEquals( 1, assignment.getRoleNames().size() );
+ assertEquals( 1, manager.getAssignedRoles( adminPrincipal ).size() );
+ }
+
+ @Test
+ public void testGetAssignedPermissionsNoChildRoles()
+ throws RbacManagerException
+ {
+ RBACManager manager = rbacManager;
+
+ rbacManager.eraseDatabase();
+ eventTracker.rbacInit( true );
+
+ Role admin = getAdminRole();
+
+ admin = manager.saveRole( admin );
+
+ assertEquals( 1, manager.getAllRoles().size() );
+
+ String adminPrincipal = "admin";
+
+ UserAssignment ua = manager.createUserAssignment( adminPrincipal );
+
+ ua.addRoleName( admin );
+
+ manager.saveUserAssignment( ua );
+
+ assertEquals( 1, manager.getAllUserAssignments().size() );
+
+ Set<Permission> assignedPermissions = manager.getAssignedPermissions( adminPrincipal );
+
+ assertNotNull( assignedPermissions );
+ assertEquals( 1, assignedPermissions.size() );
+
+ /* Assert some event tracker stuff */
+ assertNotNull( eventTracker );
+ assertEquals( 1, eventTracker.initCount );
+ assertTrue( eventTracker.lastDbFreshness.booleanValue() );
+
+ assertEquals( 1, eventTracker.addedRoleNames.size() );
+ assertEquals( 0, eventTracker.removedRoleNames.size() );
+ assertEquals( 1, eventTracker.addedPermissionNames.size() );
+ assertEquals( 0, eventTracker.removedPermissionNames.size() );
+ }
+
+ @Test
+ public void testGlobalResource()
+ throws RbacManagerException
+ {
+ RBACManager manager = rbacManager;
+ rbacManager.eraseDatabase();
+ eventTracker.rbacInit( true );
+ Permission editConfiguration = manager.createPermission( "Edit Configuration" );
+ editConfiguration.setOperation( manager.createOperation( "edit-configuration" ) );
+ editConfiguration.setResource( manager.getGlobalResource() );
+ manager.savePermission( editConfiguration );
+
+ assertEquals( 1, manager.getAllPermissions().size() );
+ assertEquals( 1, manager.getAllOperations().size() );
+ assertEquals( 1, manager.getAllResources().size() );
+
+ Permission deleteConfiguration = manager.createPermission( "Delete Configuration" );
+ deleteConfiguration.setOperation( manager.createOperation( "delete-configuration" ) );
+ deleteConfiguration.setResource( manager.getGlobalResource() );
+ manager.savePermission( deleteConfiguration );
+
+ assertEquals( 2, manager.getAllPermissions().size() );
+ assertEquals( 2, manager.getAllOperations().size() );
+ assertEquals( 1, manager.getAllResources().size() );
+
+ /* Assert some event tracker stuff */
+ assertNotNull( eventTracker );
+ assertEquals( 1, eventTracker.initCount );
+ assertTrue( eventTracker.lastDbFreshness.booleanValue() );
+
+ assertEquals( 0, eventTracker.addedRoleNames.size() );
+ assertEquals( 0, eventTracker.removedRoleNames.size() );
+ assertEquals( 2, eventTracker.addedPermissionNames.size() );
+ assertEquals( 0, eventTracker.removedPermissionNames.size() );
+ }
+
+ @Test
+ public void testGlobalResourceOneLiner()
+ throws RbacManagerException
+ {
+ RBACManager manager = rbacManager;
+ rbacManager.eraseDatabase();
+ eventTracker.rbacInit( true );
+ manager.savePermission(
+ manager.createPermission( "Edit Configuration", "edit-configuration", Resource.GLOBAL ) );
+ manager.savePermission(
+ manager.createPermission( "Delete Configuration", "delete-configuration", Resource.GLOBAL ) );
+
+ /* Assert some event tracker stuff */
+ assertNotNull( eventTracker );
+ assertEquals( 1, eventTracker.initCount );
+ assertTrue( eventTracker.lastDbFreshness.booleanValue() );
+
+ assertEquals( 0, eventTracker.addedRoleNames.size() );
+ assertEquals( 0, eventTracker.removedRoleNames.size() );
+ assertEquals( 2, eventTracker.addedPermissionNames.size() );
+ assertEquals( 0, eventTracker.removedPermissionNames.size() );
+ }
+
+ @Test
+ public void testUserAssignmentAddRemoveSecondRole()
+ throws RbacManagerException
+ {
+ RBACManager manager = rbacManager;
+
+ rbacManager.eraseDatabase();
+ eventTracker.rbacInit( true );
+
+ Role developerRole = getDeveloperRole();
+ manager.saveRole( developerRole );
+
+ // Setup User / Assignment with 1 role.
+ String username = "bob";
+ UserAssignment assignment = manager.createUserAssignment( username );
+ assignment.addRoleName( developerRole );
+ manager.saveUserAssignment( assignment );
+
+ assertEquals( 1, manager.getAllUserAssignments().size() );
+ assertEquals( 1, manager.getAllRoles().size() );
+
+ // Create another role add it to manager.
+ Role projectAdmin = getProjectAdminRole();
+ String projectAdminRoleName = projectAdmin.getName();
+ manager.saveRole( projectAdmin );
+
+ // Get User Assignment, add a second role
+ UserAssignment bob = manager.getUserAssignment( username );
+ bob.addRoleName( projectAdminRoleName );
+ bob = manager.saveUserAssignment( bob );
+
+ assertEquals( 1, manager.getAllUserAssignments().size() );
+ assertEquals( 2, manager.getAllRoles().size() );
+ assertEquals( 2, bob.getRoleNames().size() );
+ assertEquals( 0, manager.getUnassignedRoles( bob.getPrincipal() ).size() );
+
+ List<String> roles = bob.getRoleNames();
+ assertEquals( 2, roles.size() );
+
+ // Remove 1 role from bob, end up with 1 role for bob.
+ roles.remove( projectAdminRoleName );
+ assertEquals( 1, roles.size() );
+ bob.setRoleNames( roles );
+ bob = manager.saveUserAssignment( bob );
+ assertEquals( "Should only have 1 role under bob now.", 1, bob.getRoleNames().size() );
+ assertEquals( "Should have 2 total roles still.", 2, manager.getAllRoles().size() );
+ assertEquals( "Should have 1 assignable role", 1, manager.getUnassignedRoles( bob.getPrincipal() ).size() );
+
+ // Fetch bob again. see if role is missing.
+ UserAssignment cousin = manager.getUserAssignment( username );
+ assertEquals( 1, cousin.getRoleNames().size() );
+
+ assertEquals( "Should only have 1 role under bob now.", 1, cousin.getRoleNames().size() );
+ assertEquals( "Should have 2 total roles still.", 2, manager.getAllRoles().size() );
+
+ // remove the last role
+ roles.remove( developerRole.getName() );
+ bob.setRoleNames( roles );
+ bob = manager.saveUserAssignment( bob );
+ assertEquals( "Should have 2 assignable roles.", 2, manager.getUnassignedRoles( bob.getPrincipal() ).size() );
+
+ /* Assert some event tracker stuff */
+ assertNotNull( eventTracker );
+ assertEquals( 1, eventTracker.initCount );
+ assertTrue( eventTracker.lastDbFreshness.booleanValue() );
+
+ assertEquals( 2, eventTracker.addedRoleNames.size() );
+ assertEquals( 0, eventTracker.removedRoleNames.size() );
+ assertEquals( 2, eventTracker.addedPermissionNames.size() );
+ assertEquals( 0, eventTracker.removedPermissionNames.size() );
+ }
+
+ @Test
+ public void testUserAssignmentMultipleRoles()
+ throws RbacManagerException
+ {
+ RBACManager manager = rbacManager;
+
+ rbacManager.eraseDatabase();
+ eventTracker.rbacInit( true );
+
+ Role devRole = getDeveloperRole();
+ manager.saveRole( devRole );
+
+ // Setup User / Assignment with 1 role.
+ String username = "bob";
+ UserAssignment assignment = manager.createUserAssignment( username );
+ assignment.addRoleName( devRole );
+ assignment = manager.saveUserAssignment( assignment );
+
+ assertEquals( 1, manager.getAllUserAssignments().size() );
+ assertEquals( 1, manager.getAllRoles().size() );
+
+ // assign the same role again to the same user
+ assignment.addRoleName( devRole.getName() );
+ manager.saveUserAssignment( assignment );
+
+ // we certainly shouldn't have 2 roles here now
+ assertEquals( 1, assignment.getRoleNames().size() );
+
+ /* Assert some event tracker stuff */
+ assertNotNull( eventTracker );
+ assertEquals( 1, eventTracker.initCount );
+ assertTrue( eventTracker.lastDbFreshness.booleanValue() );
+
+ assertEquals( 1, eventTracker.addedRoleNames.size() );
+ assertEquals( 0, eventTracker.removedRoleNames.size() );
+ assertEquals( 1, eventTracker.addedPermissionNames.size() );
+ assertEquals( 0, eventTracker.removedPermissionNames.size() );
+ }
+
+ @Test
+ public void testUserAssignmentMultipleRolesWithChildRoles()
+ throws RbacManagerException
+ {
+ RBACManager manager = rbacManager;
+
+ rbacManager.eraseDatabase();
+ eventTracker.rbacInit( true );
+
+ Role devRole = getDeveloperRole();
+ Role devPlusRole = getSuperDeveloperRole();
+ devPlusRole.setChildRoleNames( Collections.singletonList( devRole.getName() ) );
+ manager.saveRole( devRole );
+ manager.saveRole( devPlusRole );
+
+ // Setup User / Assignment with 1 role.
+ String username = "bob";
+ UserAssignment assignment = manager.createUserAssignment( username );
+ assignment.addRoleName( devRole );
+ assignment = manager.saveUserAssignment( assignment );
+
+ assertEquals( 1, manager.getAllUserAssignments().size() );
+ assertEquals( "should be only one role assigned", 1,
+ manager.getAssignedRoles( assignment.getPrincipal() ).size() );
+ assertEquals( "should be one role left to assign", 1,
+ manager.getUnassignedRoles( assignment.getPrincipal() ).size() );
+ assertEquals( 2, manager.getAllRoles().size() );
+
+ // assign the same role again to the same user
+ assignment.addRoleName( devRole.getName() );
+ manager.saveUserAssignment( assignment );
+
+ // we certainly shouldn't have 2 roles here now
+ assertEquals( 1, assignment.getRoleNames().size() );
+
+ /* Assert some event tracker stuff */
+ assertNotNull( eventTracker );
+ assertEquals( 1, eventTracker.initCount );
+ assertTrue( eventTracker.lastDbFreshness.booleanValue() );
+
+ assertEquals( 2, eventTracker.addedRoleNames.size() );
+ assertEquals( 0, eventTracker.removedRoleNames.size() );
+ assertEquals( 1, eventTracker.addedPermissionNames.size() );
+ assertEquals( 0, eventTracker.removedPermissionNames.size() );
+ }
+
+ @Test
+ public void testGetAssignedRoles()
+ throws RbacManagerException
+ {
+ RBACManager manager = rbacManager;
+ rbacManager.eraseDatabase();
+
+ Role adminRole = manager.saveRole( getAdminRole() );
+ Role projectAdminRole = manager.saveRole( getProjectAdminRole() );
+ Role developerRole = manager.saveRole( getDeveloperRole() );
+
+ // Setup 3 roles.
+ assertEquals( 3, manager.getAllRoles().size() );
+
+ // Setup User / Assignment with 3 roles.
+ String username = "bob";
+
+ UserAssignment assignment = manager.createUserAssignment( username );
+ assignment.addRoleName( developerRole.getName() );
+ assignment.addRoleName( projectAdminRole.getName() );
+ assignment.addRoleName( adminRole.getName() );
+ assignment = manager.saveUserAssignment( assignment );
+
+ assertEquals( 3, assignment.getRoleNames().size() );
+ assertEquals( 1, manager.getAllUserAssignments().size() );
+ assertEquals( 3, manager.getAllRoles().size() );
+
+ afterSetup();
+
+ // Get the List of Assigned Roles for user bob.
+ Collection<Role> assignedRoles = manager.getAssignedRoles( username );
+
+ assertNotNull( assignedRoles );
+ assertEquals( 3, assignedRoles.size() );
+ }
+
+ @Test
+ public void testGetAssignedPermissions()
+ throws RbacManagerException
+ {
+ RBACManager manager = rbacManager;
+ rbacManager.eraseDatabase();
+ // Setup 3 roles.
+ manager.saveRole( getAdminRole() );
+ manager.saveRole( getProjectAdminRole() );
+ Role added = manager.saveRole( getDeveloperRole() );
+ String roleName = added.getName();
+
+ assertEquals( 3, manager.getAllRoles().size() );
+ assertEquals( 3, manager.getAllPermissions().size() );
+
+ // Setup User / Assignment with 1 role.
+ String username = "bob";
+
+ UserAssignment assignment = manager.createUserAssignment( username );
+ assignment.addRoleName( roleName );
+ manager.saveUserAssignment( assignment );
+
+ assertEquals( 1, manager.getAllUserAssignments().size() );
+ assertEquals( 3, manager.getAllRoles().size() );
+ assertEquals( 3, manager.getAllPermissions().size() );
+
+ // Get the List of Assigned Roles for user bob.
+ Collection<Permission> assignedPermissions = manager.getAssignedPermissions( username );
+
+ assertNotNull( assignedPermissions );
+ assertEquals( 1, assignedPermissions.size() );
+ }
+
+ public Role getChildRole( RBACManager manager, Role role, String expectedChildRoleName, int childRoleCount )
+ throws RbacManagerException
+ {
+ assertTrue( role.hasChildRoles() );
+ List<String> childNames = role.getChildRoleNames();
+ assertNotNull( childNames );
+ assertEquals( 1, childNames.size() );
+ String childName = (String) childNames.get( 0 );
+ assertNotNull( childName );
+ Role childRole = manager.getRole( childName );
+ assertNotNull( childRole );
+ assertEquals( expectedChildRoleName, childRole.getName() );
+
+ return childRole;
+ }
+
+ @Test
+ public void testGetRolesDeep()
+ throws RbacManagerException
+ {
+ rbacManager.eraseDatabase();
+ rbacDefaults.createDefaults();
+
+ // Setup User / Assignment with 1 role.
+ String username = "bob";
+
+ UserAssignment assignment = rbacManager.createUserAssignment( username );
+ assignment.addRoleName( "Developer" );
+ rbacManager.saveUserAssignment( assignment );
+
+ assertEquals( 1, rbacManager.getAllUserAssignments().size() );
+ assertEquals( 4, rbacManager.getAllRoles().size() );
+ assertEquals( 6, rbacManager.getAllPermissions().size() );
+
+ // Get the List of Assigned Roles for user bob.
+ Role devel = rbacManager.getRole( "Developer" );
+ assertNotNull( devel );
+
+ // First Depth.
+ Role trusted = getChildRole( rbacManager, devel, "Trusted Developer", 1 );
+
+ // Second Depth.
+ Role sysAdmin = getChildRole( rbacManager, trusted, "System Administrator", 1 );
+
+ // Third Depth.
+ getChildRole( rbacManager, sysAdmin, "User Administrator", 1 );
+ }
+
+ @Test
+ public void testGetAssignedPermissionsDeep()
+ throws RbacManagerException
+ {
+ rbacDefaults.createDefaults();
+
+ // Setup User / Assignment with 1 role.
+ String username = "bob";
+
+ UserAssignment assignment = rbacManager.createUserAssignment( username );
+ assignment.addRoleName( "Developer" );
+ rbacManager.saveUserAssignment( assignment );
+
+ assertEquals( 1, rbacManager.getAllUserAssignments().size() );
+ assertEquals( 4, rbacManager.getAllRoles().size() );
+ assertEquals( 6, rbacManager.getAllPermissions().size() );
+
+ afterSetup();
+
+ // Get the List of Assigned Roles for user bob.
+ Collection<Permission> assignedPermissions = rbacManager.getAssignedPermissions( username );
+
+ assertNotNull( assignedPermissions );
+ assertEquals( 6, assignedPermissions.size() );
+ }
+
+ @Test
+ public void testLargeApplicationInit()
+ throws RbacManagerException
+ {
+
+ rbacManager.eraseDatabase();
+ rbacDefaults.createDefaults();
+ assertEquals( 6, rbacManager.getAllPermissions().size() );
+ assertEquals( 11, rbacManager.getAllOperations().size() );
+ assertEquals( 4, rbacManager.getAllRoles().size() );
+ }
+
+ @Test
+ public void testAddRemovePermanentPermission()
+ throws RbacManagerException
+ {
+ assertNotNull( rbacManager );
+
+ rbacManager.eraseDatabase();
+ eventTracker.rbacInit( true );
+
+ Role adminRole = rbacManager.saveRole( getAdminRole() );
+ rbacManager.saveRole( getDeveloperRole() );
+
+ assertEquals( 2, rbacManager.getAllRoles().size() );
+ assertEquals( 2, rbacManager.getAllPermissions().size() );
+
+ Permission createUserPerm = rbacManager.createPermission( "CREATE_USER", "CREATE", "User" );
+ createUserPerm.setPermanent( true );
+
+ // perm shouldn't exist in manager (yet)
+ assertEquals( 2, rbacManager.getAllPermissions().size() );
+
+ adminRole.addPermission( createUserPerm );
+ rbacManager.saveRole( adminRole );
+
+ // perm should exist in manager now.
+ assertEquals( 3, rbacManager.getAllPermissions().size() );
+ Permission fetched = rbacManager.getPermission( "CREATE_USER" );
+ assertNotNull( fetched );
+
+ // Attempt to remove perm now.
+ try
+ {
+ // Use permission name technique first.
+ rbacManager.removePermission( "CREATE_USER" );
+ }
+ catch ( RbacPermanentException e )
+ {
+ // expected path.
+ }
+
+ try
+ {
+ // Use permission object technique next.
+ rbacManager.removePermission( fetched );
+ }
+ catch ( RbacPermanentException e )
+ {
+ // expected path.
+ }
+
+ // Assert some event tracker stuff
+ assertNotNull( eventTracker );
+ assertEquals( 1, eventTracker.initCount );
+ assertTrue( eventTracker.lastDbFreshness.booleanValue() );
+
+ assertEquals( 2, eventTracker.addedRoleNames.size() );
+ assertEquals( 0, eventTracker.removedRoleNames.size() );
+ assertEquals( 3, eventTracker.addedPermissionNames.size() );
+ assertEquals( 0, eventTracker.removedPermissionNames.size() );
+ }
+
+ @Test
+ public void testAddRemovePermanentRole()
+ throws RbacManagerException
+ {
+ assertNotNull( rbacManager );
+ rbacManager.eraseDatabase();
+ eventTracker.rbacInit( true );
+
+ Role adminRole = getAdminRole();
+ adminRole.setPermanent( true );
+
+ adminRole = rbacManager.saveRole( adminRole );
+ Role develRole = rbacManager.saveRole( getDeveloperRole() );
+
+ assertEquals( 2, rbacManager.getAllRoles().size() );
+
+ Role actualAdmin = rbacManager.getRole( adminRole.getName() );
+ Role actualDevel = rbacManager.getRole( develRole.getName() );
+
+ assertEquals( adminRole, actualAdmin );
+ assertEquals( develRole, actualDevel );
+
+ // Attempt to remove perm now.
+ try
+ {
+ // Use role name technique first.
+ rbacManager.removeRole( adminRole.getName() );
+ }
+ catch ( RbacPermanentException e )
+ {
+ // expected path.
+ }
+
+ try
+ {
+ // Use role object technique next.
+ rbacManager.removeRole( adminRole );
+ }
+ catch ( RbacPermanentException e )
+ {
+ // expected path.
+ }
+
+ /* Assert some event tracker stuff */
+ assertNotNull( eventTracker );
+ assertEquals( 1, eventTracker.initCount );
+ assertTrue( eventTracker.lastDbFreshness.booleanValue() );
+
+ assertEquals( 2, eventTracker.addedRoleNames.size() );
+ assertEquals( 0, eventTracker.removedRoleNames.size() );
+ assertEquals( 2, eventTracker.addedPermissionNames.size() );
+ assertEquals( 0, eventTracker.removedPermissionNames.size() );
+ }
+
+ @Test
+ public void testAddRemovePermanentOperation()
+ throws RbacManagerException
+ {
+
+ rbacManager.eraseDatabase();
+ eventTracker.rbacInit( true );
+ assertNotNull( rbacManager );
+
+ Role adminRole = rbacManager.saveRole( getAdminRole() );
+ rbacManager.saveRole( getDeveloperRole() );
+
+ assertEquals( 2, rbacManager.getAllRoles().size() );
+ assertEquals( 2, rbacManager.getAllPermissions().size() );
+
+ Permission createUserPerm = rbacManager.createPermission( "CREATE_USER", "CREATE", "User" );
+ createUserPerm.getOperation().setPermanent( true );
+
+ // perm shouldn't exist in manager (yet)
+ assertEquals( 2, rbacManager.getAllPermissions().size() );
+ assertEquals( 1, rbacManager.getAllOperations().size() );
+
+ adminRole.addPermission( createUserPerm );
+ rbacManager.saveRole( adminRole );
+
+ // perm should exist in manager now.
+ assertEquals( 2, rbacManager.getAllOperations().size() );
+ Operation fetched = rbacManager.getOperation( "CREATE" );
+ assertNotNull( fetched );
+
+ // Attempt to remove operation now.
+ try
+ {
+ // Use operation name technique first.
+ rbacManager.removeOperation( "CREATE" );
+ }
+ catch ( RbacPermanentException e )
+ {
+ // expected path.
+ }
+
+ try
+ {
+ // Use operation object technique next.
+ rbacManager.removeOperation( fetched );
+ }
+ catch ( RbacPermanentException e )
+ {
+ // expected path.
+ }
+
+ // Assert some event tracker stuff
+ assertNotNull( eventTracker );
+ assertEquals( 1, eventTracker.initCount );
+ assertTrue( eventTracker.lastDbFreshness.booleanValue() );
+
+ assertEquals( 2, eventTracker.addedRoleNames.size() );
+ assertEquals( 0, eventTracker.removedRoleNames.size() );
+ assertEquals( 3, eventTracker.addedPermissionNames.size() );
+ assertEquals( 0, eventTracker.removedPermissionNames.size() );
+ }
+
+ /**
+ * Allows subclasses to hook code after a test case has finished it's setup
+ */
+ protected void afterSetup()
+ {
+ // do nothing
+ }
+}
--- /dev/null
+package org.apache.archiva.redback.tests;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import org.apache.archiva.redback.rbac.RBACManagerListener;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.UserAssignment;
+
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * RbacManagerEventTracker
+ *
+ * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
+ * @version $Id$
+ */
+public class RbacManagerEventTracker
+ implements RBACManagerListener
+{
+ public long initCount = 0;
+
+ public Boolean lastDbFreshness;
+
+ public List<String> addedRoleNames = new ArrayList<String>();
+
+ public List<String> removedRoleNames = new ArrayList<String>();
+
+ public List<String> addedPermissionNames = new ArrayList<String>();
+
+ public List<String> removedPermissionNames = new ArrayList<String>();
+
+ public void rbacInit( boolean freshdb )
+ {
+ log( "Init - freshdb: " + freshdb );
+ initCount++;
+ lastDbFreshness = Boolean.valueOf( freshdb );
+ }
+
+ public void rbacPermissionRemoved( Permission permission )
+ {
+ log( "Permission Removed: " + permission.getName() );
+ String obj = permission.getName();
+ if ( !removedPermissionNames.contains( obj ) )
+ {
+ removedPermissionNames.add( obj );
+ }
+ }
+
+ public void rbacPermissionSaved( Permission permission )
+ {
+ log( "Permission Saved: " + permission.getName() );
+ String obj = permission.getName();
+ if ( !addedPermissionNames.contains( obj ) )
+ {
+ addedPermissionNames.add( obj );
+ }
+ }
+
+ public void rbacRoleRemoved( Role role )
+ {
+ log( "Role Removed: " + role.getName() );
+ String obj = role.getName();
+ if ( !removedRoleNames.contains( obj ) )
+ {
+ removedRoleNames.add( obj );
+ }
+ }
+
+ public void rbacRoleSaved( Role role )
+ {
+ log( "Role Saved: " + role.getName() );
+ String obj = role.getName();
+ if ( !addedRoleNames.contains( obj ) )
+ {
+ addedRoleNames.add( obj );
+ }
+ }
+
+ public void rbacUserAssignmentRemoved( UserAssignment userAssignment )
+ {
+
+ }
+
+ public void rbacUserAssignmentSaved( UserAssignment userAssignment )
+ {
+
+ }
+
+ private void log( String msg )
+ {
+ System.out.println( "[RBAC Event Tracker] " + msg );
+ }
+}
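Review bot: `rbacUserAssignmentSaved` and `rbacUserAssignmentRemoved` have empty bodies, so this tracker records nothing when a user gains or loses roles. The tests in this commit that call `saveUserAssignment` can therefore only assert on role and permission names. Assignment changes are the events an audit-style listener most needs to see, so I would record them like the other callbacks: add a field `public List<String> savedAssignmentPrincipals = new ArrayList<String>();`, fill it with `savedAssignmentPrincipals.add( userAssignment.getPrincipal() );`, and keep a matching list for removals. Whether the managers under test actually fire these two callbacks is not visible here, so confirm that before asserting on counts.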
--- /dev/null
+package org.apache.archiva.redback.tests.utils;
+
+/*
+ * Copyright 2006 The Apache Software Foundation.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.Operation;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.Role;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+
+public class RBACDefaults
+{
+ private final RBACManager manager;
+
+ public RBACDefaults( RBACManager manager )
+ {
+ this.manager = manager;
+ }
+
+ public RBACManager createDefaults()
+ throws RbacManagerException
+ {
+ if ( !manager.operationExists( "add-repository" ) )
+ {
+ Operation operation = manager.createOperation( "add-repository" );
+ manager.saveOperation( operation );
+ }
+
+ if ( !manager.operationExists( "edit-repository" ) )
+ {
+ Operation operation = manager.createOperation( "edit-repository" );
+ manager.saveOperation( operation );
+ }
+
+ if ( !manager.operationExists( "delete-repository" ) )
+ {
+ Operation operation = manager.createOperation( "delete-repository" );
+ manager.saveOperation( operation );
+ }
+
+ if ( !manager.operationExists( "edit-configuration" ) )
+ {
+ Operation operation = manager.createOperation( "edit-configuration" );
+ manager.saveOperation( operation );
+ }
+
+ if ( !manager.operationExists( "run-indexer" ) )
+ {
+ Operation operation = manager.createOperation( "run-indexer" );
+ manager.saveOperation( operation );
+ }
+
+ if ( !manager.operationExists( "regenerate-index" ) )
+ {
+ Operation operation = manager.createOperation( "regenerate-index" );
+ manager.saveOperation( operation );
+ }
+
+ if ( !manager.operationExists( "get-reports" ) )
+ {
+ Operation operation = manager.createOperation( "get-reports" );
+ manager.saveOperation( operation );
+ }
+
+ if ( !manager.operationExists( "regenerate-reports" ) )
+ {
+ Operation operation = manager.createOperation( "regenerate-reports" );
+ manager.saveOperation( operation );
+ }
+
+ if ( !manager.operationExists( "edit-user" ) )
+ {
+ Operation operation = manager.createOperation( "edit-user" );
+ manager.saveOperation( operation );
+ }
+
+ if ( !manager.operationExists( "edit-all-users" ) )
+ {
+ Operation operation = manager.createOperation( "edit-all-users" );
+ manager.saveOperation( operation );
+ }
+
+ if ( !manager.operationExists( "remove-roles" ) )
+ {
+ Operation operation = manager.createOperation( "remove-roles" );
+ manager.saveOperation( operation );
+ }
+
+ if ( !manager.permissionExists( "Edit Configuration" ) )
+ {
+ Permission editConfiguration = manager.createPermission( "Edit Configuration", "edit-configuration",
+ manager.getGlobalResource().getIdentifier() );
+ manager.savePermission( editConfiguration );
+ }
+
+ if ( !manager.permissionExists( "Run Indexer" ) )
+ {
+ Permission runIndexer = manager.createPermission( "Run Indexer", "run-indexer", manager.getGlobalResource()
+ .getIdentifier() );
+
+ manager.savePermission( runIndexer );
+ }
+
+ if ( !manager.permissionExists( "Add Repository" ) )
+ {
+ Permission runIndexer = manager.createPermission( "Add Repository", "add-repository", manager
+ .getGlobalResource().getIdentifier() );
+ manager.savePermission( runIndexer );
+ }
+
+ if ( !manager.permissionExists( "Edit All Users" ) )
+ {
+ Permission editAllUsers = manager.createPermission( "Edit All Users", "edit-all-users", manager
+ .getGlobalResource().getIdentifier() );
+
+ manager.savePermission( editAllUsers );
+ }
+
+ if ( !manager.permissionExists( "Remove Roles" ) )
+ {
+ Permission editAllUsers = manager.createPermission( "Remove Roles", "remove-roles", manager
+ .getGlobalResource().getIdentifier() );
+
+ manager.savePermission( editAllUsers );
+ }
+
+ if ( !manager.permissionExists( "Regenerate Index" ) )
+ {
+ Permission regenIndex = manager.createPermission( "Regenerate Index", "regenerate-index", manager
+ .getGlobalResource().getIdentifier() );
+
+ manager.savePermission( regenIndex );
+ }
+
+ if ( !manager.roleExists( "User Administrator" ) )
+ {
+ Role userAdmin = manager.createRole( "User Administrator" );
+ userAdmin.addPermission( manager.getPermission( "Edit All Users" ) );
+ userAdmin.addPermission( manager.getPermission( "Remove Roles" ) );
+ userAdmin.setAssignable( true );
+ manager.saveRole( userAdmin );
+ }
+
+ if ( !manager.roleExists( "System Administrator" ) )
+ {
+ Role admin = manager.createRole( "System Administrator" );
+ admin.addChildRoleName( "User Administrator" );
+ admin.addPermission( manager.getPermission( "Edit Configuration" ) );
+ admin.addPermission( manager.getPermission( "Run Indexer" ) );
+ admin.addPermission( manager.getPermission( "Add Repository" ) );
+ admin.addPermission( manager.getPermission( "Regenerate Index" ) );
+ admin.setAssignable( true );
+ manager.saveRole( admin );
+ }
+
+ if ( !manager.roleExists( "Trusted Developer" ) )
+ {
+ Role developer = manager.createRole( "Trusted Developer" );
+ developer.addChildRoleName( "System Administrator" );
+ developer.addPermission( manager.getPermission( "Run Indexer" ) );
+ developer.setAssignable( true );
+ manager.saveRole( developer );
+ }
+
+ if ( !manager.roleExists( "Developer" ) )
+ {
+ Role developer = manager.createRole( "Developer" );
+ developer.addChildRoleName( "Trusted Developer" );
+ developer.addPermission( manager.getPermission( "Run Indexer" ) );
+ developer.setAssignable( true );
+ manager.saveRole( developer );
+ }
+
+ return manager;
+ }
+}
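Review bot: The role chain built at the end of `createDefaults()` runs opposite to what the role names suggest: `Developer` lists `Trusted Developer` as a child, which lists `System Administrator`, which lists `User Administrator`. A user assigned only `Developer` therefore resolves to all six permissions, which `testGetAssignedPermissionsDeep` in this commit asserts. That suits a deep-resolution test, but nothing in the class says it is a fixture, so I would add a class Javadoc such as `/** Test fixture: builds a deliberately deep child-role chain; not a template for production role defaults. */`. Separately, the locals holding the "Add Repository" and "Remove Roles" permissions are named `runIndexer` and `editAllUsers`, which look like copy-paste leftovers and are worth renaming.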
+++ /dev/null
-package org.codehaus.plexus.redback.tests;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-import junit.framework.TestCase;
-import org.apache.archiva.redback.rbac.Permission;
-import org.apache.archiva.redback.rbac.RBACManager;
-import org.apache.archiva.redback.rbac.RbacManagerException;
-import org.apache.archiva.redback.rbac.Resource;
-import org.apache.archiva.redback.rbac.Role;
-import org.apache.archiva.redback.rbac.UserAssignment;
-import org.apache.archiva.redback.rbac.Operation;
-import org.codehaus.plexus.redback.tests.utils.RBACDefaults;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-
-import java.util.Collections;
-
-@RunWith( SpringJUnit4ClassRunner.class )
-@ContextConfiguration( locations = { "classpath*:/META-INF/spring-context.xml", "classpath*:/spring-context.xml" } )
-public class AbstractRbacManagerPerformanceTestCase
- extends TestCase
-{
- private RBACManager rbacManager;
-
- private RBACDefaults rbacDefaults;
-
- public void setRbacManager( RBACManager store )
- {
- this.rbacManager = store;
- rbacDefaults = new RBACDefaults( rbacManager );
- }
-
- public void setUp()
- throws Exception
- {
- super.setUp();
- }
-
- public void tearDown()
- throws Exception
- {
- super.tearDown();
- }
-
- private Role getDeveloperRole()
- throws RbacManagerException
- {
- Role role = rbacManager.createRole( "DEVELOPER" );
- role.setAssignable( true );
-
- Permission perm = rbacManager.createPermission( "EDIT_MY_USER", "EDIT", "User:Self" );
-
- role.addPermission( perm );
-
- return role;
- }
-
- private Role getSuperDeveloperRole()
- {
- Role role = rbacManager.createRole( "SUPER_DEVELOPER" );
- role.setAssignable( true );
-
- return role;
- }
-
- private static final int ITERATIONS = 10000;
-
- private static final int ONESECOND = 1000;
-
- public void assertPerformance( String msg, long startTime, long endTime, int iterations, double threshold )
- {
- long elapsed = endTime - startTime;
- double ratio = (double) elapsed / (double) ONESECOND; // ratio of time to 1 second.
- double opsPerSecond = (double) iterations / ratio;
-
- System.out.println( "Performance " + msg + ": " + opsPerSecond + " operations per second. (effective)" );
-
- if ( opsPerSecond < threshold )
- {
- // Failure
-
- StringBuffer stats = new StringBuffer();
-
- stats.append( "Stats on " ).append( msg );
- stats.append( "\nStart Time (ms): " ).append( Long.toString( startTime ) );
- stats.append( "\nEnd Time (ms) : " ).append( Long.toString( endTime ) );
- stats.append( "\nElapsed (ms) : " ).append( Long.toString( elapsed ) );
- stats.append( "\nRatio : " ).append( Double.toString( ratio ) );
- stats.append( "\nOps per second : " ).append( Double.toString( opsPerSecond ) );
-
- System.out.println( stats.toString() );
-
- fail( "Performance Error: " + msg + " expecting greater than [" + threshold + "], actual [" + opsPerSecond
- + "]" );
- }
- }
-
- @Test
- public void testPerformanceResource()
- throws RbacManagerException
- {
- assertNotNull( rbacManager );
- rbacManager.eraseDatabase();
-
- Resource resource = rbacManager.createResource( "foo" );
- Resource resource2 = rbacManager.createResource( "bar" );
-
- assertNotNull( resource );
-
- Resource added = rbacManager.saveResource( resource );
- assertNotNull( added );
- Resource added2 = rbacManager.saveResource( resource2 );
- assertNotNull( added2 );
-
- assertEquals( 2, rbacManager.getAllResources().size() );
-
- String resFooId = resource.getIdentifier();
- String resBarId = resource2.getIdentifier();
- long startTime = System.currentTimeMillis();
-
- for ( int i = 0; i <= ITERATIONS; i++ )
- {
- Resource resFoo = rbacManager.getResource( resFooId );
- Resource resBar = rbacManager.getResource( resBarId );
-
- assertNotNull( resFoo );
- assertNotNull( resBar );
-
- assertEquals( "foo", resFoo.getIdentifier() );
- assertEquals( "bar", resBar.getIdentifier() );
- }
-
- long endTime = System.currentTimeMillis();
-
- assertPerformance( "Resource", startTime, endTime, ITERATIONS, 500.0 );
- }
-
- @Test
- public void testPerformanceUserAssignment()
- throws RbacManagerException
- {
- RBACManager manager = rbacManager;
-
- rbacManager.eraseDatabase();
-
- Role devRole = getDeveloperRole();
- Role devPlusRole = getSuperDeveloperRole();
- devPlusRole.setChildRoleNames( Collections.singletonList( devRole.getName() ) );
- devRole = manager.saveRole( devRole );
- devPlusRole = manager.saveRole( devPlusRole );
-
- // Setup User / Assignment with 1 role.
- String username = "bob";
- UserAssignment assignment = manager.createUserAssignment( username );
- assignment.addRoleName( devRole );
- assignment = manager.saveUserAssignment( assignment );
-
- assertEquals( 1, manager.getAllUserAssignments().size() );
- assertEquals( "should be only one role assigned", 1, manager.getAssignedRoles( assignment.getPrincipal() )
- .size() );
- assertEquals( "should be one role left to assign", 1, manager.getUnassignedRoles( assignment.getPrincipal() )
- .size() );
- assertEquals( 2, manager.getAllRoles().size() );
-
- // assign the same role again to the same user
- assignment.addRoleName( devRole.getName() );
- manager.saveUserAssignment( assignment );
-
- // we certainly shouldn't have 2 roles here now
- assertEquals( 1, assignment.getRoleNames().size() );
-
- String bobId = assignment.getPrincipal();
-
- username = "janet";
-
- devPlusRole.setChildRoleNames( Collections.singletonList( devRole.getName() ) );
- devRole = manager.saveRole( devRole );
- manager.saveRole( devPlusRole );
-
- assignment = manager.createUserAssignment( username );
- assignment.addRoleName( devRole );
- assignment = manager.saveUserAssignment( assignment );
-
- assertEquals( 2, manager.getAllUserAssignments().size() );
- assertEquals( "should be only one role assigned", 1, manager.getAssignedRoles( assignment.getPrincipal() )
- .size() );
- assertEquals( "should be one role left to assign", 1, manager.getUnassignedRoles( assignment.getPrincipal() )
- .size() );
- assertEquals( 2, manager.getAllRoles().size() );
-
- // assign the same role again to the same user
- assignment.addRoleName( devRole.getName() );
- manager.saveUserAssignment( assignment );
-
- // we certainly shouldn't have 2 roles here now
- assertEquals( 1, assignment.getRoleNames().size() );
-
- String janetId = assignment.getPrincipal();
-
- long startTime = System.currentTimeMillis();
-
- for ( int i = 0; i <= ITERATIONS; i++ )
- {
- UserAssignment uaBob = rbacManager.getUserAssignment( bobId );
- UserAssignment uaJanet = rbacManager.getUserAssignment( janetId );
-
- assertNotNull( uaBob );
- assertNotNull( uaJanet );
-
- assertEquals( "bob", uaBob.getPrincipal() );
- assertEquals( "janet", uaJanet.getPrincipal() );
- }
-
- long endTime = System.currentTimeMillis();
- assertPerformance( "UserAssignment", startTime, endTime, ITERATIONS, 350.0 );
- }
-
- @Test
- public void testPerformanceRoles()
- throws RbacManagerException
- {
- rbacDefaults.createDefaults();
-
- String roleIdSysAdmin = "System Administrator";
- String roleIdUserAdmin = "User Administrator";
-
- long startTime = System.currentTimeMillis();
-
- for ( int i = 0; i <= ITERATIONS; i++ )
- {
- Role roleSysAdmin = rbacManager.getRole( roleIdSysAdmin );
- Role roleUserAdmin = rbacManager.getRole( roleIdUserAdmin );
-
- assertNotNull( roleSysAdmin );
- assertNotNull( roleUserAdmin );
-
- assertEquals( roleIdSysAdmin, roleSysAdmin.getName() );
- assertEquals( roleIdUserAdmin, roleUserAdmin.getName() );
- }
-
- long endTime = System.currentTimeMillis();
-
- assertPerformance( "Roles", startTime, endTime, ITERATIONS, 130 );
- }
-
- @Test
- public void testPerformancePermissions()
- throws RbacManagerException
- {
- rbacDefaults.createDefaults();
-
- String permIdRunIndexer = "Run Indexer";
- String permIdAddRepo = "Add Repository";
-
- long startTime = System.currentTimeMillis();
-
- for ( int i = 0; i <= ITERATIONS; i++ )
- {
- Permission permRunIndex = rbacManager.getPermission( permIdRunIndexer );
- Permission permAddRepo = rbacManager.getPermission( permIdAddRepo );
-
- assertNotNull( permRunIndex );
- assertNotNull( permAddRepo );
-
- assertEquals( permIdRunIndexer, permRunIndex.getName() );
- assertEquals( permIdAddRepo, permAddRepo.getName() );
- }
-
- long endTime = System.currentTimeMillis();
-
- assertPerformance( "Permissions", startTime, endTime, ITERATIONS, 350 );
- }
-
- @Test
- public void testPerformanceOperations()
- throws RbacManagerException
- {
- rbacDefaults.createDefaults();
-
- String operIdEditRepo = "edit-repository";
- String operIdDelRepo = "delete-repository";
-
- long startTime = System.currentTimeMillis();
-
- for ( int i = 0; i <= ITERATIONS; i++ )
- {
- Operation operEditRepo = rbacManager.getOperation( operIdEditRepo );
- Operation operDelRepo = rbacManager.getOperation( operIdDelRepo );
-
- assertNotNull( operEditRepo );
- assertNotNull( operDelRepo );
-
- assertEquals( operIdEditRepo, operEditRepo.getName() );
- assertEquals( operIdDelRepo, operDelRepo.getName() );
- }
-
- long endTime = System.currentTimeMillis();
-
- assertPerformance( "Operations", startTime, endTime, ITERATIONS, 500 );
- }
-}
\ No newline at end of file
+++ /dev/null
-package org.codehaus.plexus.redback.tests;
-
-/*
- * Copyright 2001-2006 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-import junit.framework.TestCase;
-import org.apache.archiva.redback.rbac.Operation;
-import org.apache.archiva.redback.rbac.RBACManager;
-import org.apache.archiva.redback.rbac.RbacManagerException;
-import org.apache.archiva.redback.rbac.Resource;
-import org.apache.archiva.redback.rbac.Role;
-import org.apache.archiva.redback.rbac.UserAssignment;
-import org.apache.archiva.redback.rbac.Permission;
-import org.apache.archiva.redback.rbac.RbacPermanentException;
-import org.codehaus.plexus.redback.tests.utils.RBACDefaults;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-
-import java.util.Collection;
-import java.util.Collections;
-import java.util.List;
-import java.util.Set;
-
-/**
- * AbstractRbacManagerTestCase
- *
- * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
- * @version $Id$
- */
-@RunWith( SpringJUnit4ClassRunner.class )
-@ContextConfiguration( locations = { "classpath*:/META-INF/spring-context.xml", "classpath*:/spring-context.xml" } )
-public abstract class AbstractRbacManagerTestCase
- extends TestCase
-{
- private RBACManager rbacManager;
-
- protected RbacManagerEventTracker eventTracker;
-
- private RBACDefaults rbacDefaults;
-
- public void setRbacManager( RBACManager store )
- {
- this.rbacManager = store;
- if ( this.rbacManager != null )
- {
- this.eventTracker = new RbacManagerEventTracker();
- this.rbacManager.addListener( eventTracker );
- }
- rbacDefaults = new RBACDefaults( rbacManager );
- }
-
- public RBACManager getRbacManager()
- {
- return this.rbacManager;
- }
-
- public void setUp()
- throws Exception
- {
- super.setUp();
- }
-
- public void tearDown()
- throws Exception
- {
- super.tearDown();
- }
-
- private Role getAdminRole()
- throws RbacManagerException
- {
- Role role = rbacManager.createRole( "ADMIN" );
- role.setAssignable( false );
-
- Permission perm = rbacManager.createPermission( "EDIT_ANY_USER", "EDIT", "User:*" );
-
- role.addPermission( perm );
-
- return role;
- }
-
- private Role getDeveloperRole()
- throws RbacManagerException
- {
- Role role = rbacManager.createRole( "DEVELOPER" );
- role.setAssignable( true );
-
- Permission perm = rbacManager.createPermission( "EDIT_MY_USER", "EDIT", "User:Self" );
-
- role.addPermission( perm );
-
- return role;
- }
-
- private Role getProjectAdminRole()
- throws RbacManagerException
- {
- Role role = rbacManager.createRole( "PROJECT_ADMIN" );
- role.setAssignable( true );
-
- Permission perm = rbacManager.createPermission( "EDIT_PROJECT", "EDIT", "Project:Foo" );
-
- role.addPermission( perm );
-
- return role;
- }
-
- private Role getSuperDeveloperRole()
- {
- Role role = rbacManager.createRole( "SUPER_DEVELOPER" );
- role.setAssignable( true );
-
- return role;
- }
-
- @Test
- public void testStoreInitialization()
- throws Exception
- {
- assertNotNull( rbacManager );
-
- Role role = getAdminRole();
-
- assertNotNull( role );
-
- Role added = rbacManager.saveRole( role );
-
- assertEquals( 1, rbacManager.getAllRoles().size() );
-
- assertNotNull( added );
-
- rbacManager.removeRole( added );
-
- assertEquals( 0, rbacManager.getAllRoles().size() );
-
- /* Assert some event tracker stuff */
- assertNotNull( eventTracker );
- //assertEquals( 1, eventTracker.initCount );
- //assertTrue( eventTracker.lastDbFreshness.booleanValue() );
-
- assertEquals( 1, eventTracker.addedRoleNames.size() );
- assertEquals( 1, eventTracker.removedRoleNames.size() );
- assertEquals( 1, eventTracker.addedPermissionNames.size() );
- assertEquals( 0, eventTracker.removedPermissionNames.size() );
- }
-
- @Test
- public void testResources()
- throws Exception
- {
- assertNotNull( rbacManager );
-
- rbacManager.eraseDatabase();
- eventTracker.rbacInit( true );
-
- Resource resource = rbacManager.createResource( "foo" );
- Resource resource2 = rbacManager.createResource( "bar" );
-
- assertNotNull( resource );
-
- Resource added = rbacManager.saveResource( resource );
- assertNotNull( added );
- Resource added2 = rbacManager.saveResource( resource2 );
- assertNotNull( added2 );
-
- assertEquals( 2, rbacManager.getAllResources().size() );
-
- rbacManager.removeResource( added );
-
- assertEquals( 1, rbacManager.getAllResources().size() );
-
- /* Assert some event tracker stuff */
- assertNotNull( eventTracker );
- assertEquals( 1, eventTracker.initCount );
- assertTrue( eventTracker.lastDbFreshness.booleanValue() );
-
- assertEquals( 0, eventTracker.addedRoleNames.size() );
- assertEquals( 0, eventTracker.removedRoleNames.size() );
- assertEquals( 0, eventTracker.addedPermissionNames.size() );
- assertEquals( 0, eventTracker.removedPermissionNames.size() );
- }
-
- @Test
- public void testAddGetPermission()
- throws RbacManagerException
- {
- assertNotNull( rbacManager );
-
- rbacManager.eraseDatabase();
- eventTracker.rbacInit( true );
-
- Role adminRole = rbacManager.saveRole( getAdminRole() );
- rbacManager.saveRole( getDeveloperRole() );
-
- assertEquals( 2, rbacManager.getAllRoles().size() );
- assertEquals( 2, rbacManager.getAllPermissions().size() );
-
- Permission createUserPerm = rbacManager.createPermission( "CREATE_USER", "CREATE", "User" );
-
- // perm shouldn't exist in manager (yet)
- assertEquals( 2, rbacManager.getAllPermissions().size() );
-
- adminRole.addPermission( createUserPerm );
- rbacManager.saveRole( adminRole );
-
- // perm should exist in manager now.
- assertEquals( 3, rbacManager.getAllPermissions().size() );
- Permission fetched = rbacManager.getPermission( "CREATE_USER" );
- assertNotNull( fetched );
-
- /* Assert some event tracker stuff */
- assertNotNull( eventTracker );
- assertEquals( 1, eventTracker.initCount );
- assertTrue( eventTracker.lastDbFreshness.booleanValue() );
-
- assertEquals( 2, eventTracker.addedRoleNames.size() );
- assertEquals( 0, eventTracker.removedRoleNames.size() );
- assertEquals( 3, eventTracker.addedPermissionNames.size() );
- assertEquals( 0, eventTracker.removedPermissionNames.size() );
- }
-
- @Test
- public void testAddGetRole()
- throws RbacManagerException
- {
- assertNotNull( rbacManager );
-
- rbacManager.eraseDatabase();
- eventTracker.rbacInit( true );
-
- Role adminRole = rbacManager.saveRole( getAdminRole() );
- Role develRole = rbacManager.saveRole( getDeveloperRole() );
-
- assertEquals( 2, rbacManager.getAllRoles().size() );
-
- Role actualAdmin = rbacManager.getRole( adminRole.getName() );
- Role actualDevel = rbacManager.getRole( develRole.getName() );
-
- assertEquals( adminRole, actualAdmin );
- assertEquals( develRole, actualDevel );
-
- /* Assert some event tracker stuff */
- assertNotNull( eventTracker );
- assertEquals( 1, eventTracker.initCount );
- assertTrue( eventTracker.lastDbFreshness.booleanValue() );
-
- assertEquals( 2, eventTracker.addedRoleNames.size() );
- assertEquals( 0, eventTracker.removedRoleNames.size() );
- assertEquals( 2, eventTracker.addedPermissionNames.size() );
- assertEquals( 0, eventTracker.removedPermissionNames.size() );
- }
-
- @Test
- public void testAllowRoleWithoutPermissions()
- throws RbacManagerException
- {
- assertNotNull( rbacManager );
-
- rbacManager.eraseDatabase();
- eventTracker.rbacInit( true );
-
- String rolename = "Test Role";
-
- Role testRole = rbacManager.createRole( rolename );
- testRole = rbacManager.saveRole( testRole );
-
- assertNotNull( testRole );
- assertEquals( 1, rbacManager.getAllRoles().size() );
- assertEquals( 0, rbacManager.getAllPermissions().size() );
-
- Role actualRole = rbacManager.getRole( rolename );
-
- assertEquals( testRole, actualRole );
- assertEquals( 1, rbacManager.getAllRoles().size() );
- assertEquals( 0, rbacManager.getAllPermissions().size() );
-
- /* Assert some event tracker stuff */
- assertNotNull( eventTracker );
- assertEquals( 1, eventTracker.initCount );
- assertTrue( eventTracker.lastDbFreshness.booleanValue() );
-
- assertEquals( 1, eventTracker.addedRoleNames.size() );
- assertEquals( 0, eventTracker.removedRoleNames.size() );
- assertEquals( 0, eventTracker.addedPermissionNames.size() );
- assertEquals( 0, eventTracker.removedPermissionNames.size() );
- }
-
- @Test
- public void testAddGetChildRole()
- throws RbacManagerException
- {
- RBACManager manager = rbacManager;
- assertNotNull( manager );
-
- rbacManager.eraseDatabase();
- eventTracker.rbacInit( true );
-
- Role adminRole = manager.saveRole( getAdminRole() );
- Role develRole = manager.saveRole( getDeveloperRole() );
-
- assertEquals( 2, manager.getAllRoles().size() );
-
- Role actualAdmin = manager.getRole( adminRole.getName() );
- Role actualDevel = manager.getRole( develRole.getName() );
-
- assertEquals( adminRole, actualAdmin );
- assertEquals( develRole, actualDevel );
-
- // Now add a child role.
- manager.addChildRole( develRole, getProjectAdminRole() );
-
- manager.saveRole( develRole );
-
- assertEquals( 3, manager.getAllRoles().size() );
-
- /* Assert some event tracker stuff */
- assertNotNull( eventTracker );
- assertEquals( 1, eventTracker.initCount );
- assertTrue( eventTracker.lastDbFreshness.booleanValue() );
-
- assertEquals( 3, eventTracker.addedRoleNames.size() );
- assertEquals( 0, eventTracker.removedRoleNames.size() );
- assertEquals( 3, eventTracker.addedPermissionNames.size() );
- assertEquals( 0, eventTracker.removedPermissionNames.size() );
- }
-
- @Test
- public void testAddGetChildRoleViaName()
- throws RbacManagerException
- {
- RBACManager manager = rbacManager;
- rbacManager.eraseDatabase();
- eventTracker.rbacInit( true );
- assertNotNull( manager );
-
- Role adminRole = manager.saveRole( getAdminRole() );
- Role develRole = manager.saveRole( getDeveloperRole() );
-
- assertEquals( 2, manager.getAllRoles().size() );
-
- Role actualAdmin = manager.getRole( adminRole.getName() );
- Role actualDevel = manager.getRole( develRole.getName() );
-
- assertEquals( adminRole, actualAdmin );
- assertEquals( develRole, actualDevel );
-
- // Now do a child role.
- Role projectRole = getProjectAdminRole();
- String projectRoleName = projectRole.getName();
- manager.saveRole( projectRole );
-
- develRole.addChildRoleName( projectRoleName );
-
- manager.saveRole( develRole );
-
- assertEquals( 3, manager.getAllRoles().size() );
-
- /* Assert some event tracker stuff */
- assertNotNull( eventTracker );
- assertEquals( 1, eventTracker.initCount );
- assertTrue( eventTracker.lastDbFreshness.booleanValue() );
-
- assertEquals( 3, eventTracker.addedRoleNames.size() );
- assertEquals( 0, eventTracker.removedRoleNames.size() );
- assertEquals( 3, eventTracker.addedPermissionNames.size() );
- assertEquals( 0, eventTracker.removedPermissionNames.size() );
- }
-
- @Test
- public void testUserAssignmentAddRole()
- throws RbacManagerException
- {
- RBACManager manager = rbacManager;
-
- rbacManager.eraseDatabase();
- eventTracker.rbacInit( true );
-
- Role adminRole = manager.saveRole( getAdminRole() );
-
- assertEquals( 1, manager.getAllRoles().size() );
-
- String adminPrincipal = "admin";
-
- UserAssignment assignment = manager.createUserAssignment( adminPrincipal );
-
- assignment.addRoleName( adminRole );
-
- manager.saveUserAssignment( assignment );
-
- assertEquals( 1, manager.getAllUserAssignments().size() );
- assertEquals( 1, manager.getAllRoles().size() );
-
- UserAssignment ua = manager.getUserAssignment( adminPrincipal );
- assertNotNull( ua );
-
- Role fetched = manager.getRole( "ADMIN" );
- assertNotNull( fetched );
-
- /* Assert some event tracker stuff */
- assertNotNull( eventTracker );
- assertEquals( 1, eventTracker.initCount );
- assertTrue( eventTracker.lastDbFreshness.booleanValue() );
-
- assertEquals( 1, eventTracker.addedRoleNames.size() );
- assertEquals( 0, eventTracker.removedRoleNames.size() );
- assertEquals( 1, eventTracker.addedPermissionNames.size() );
- assertEquals( 0, eventTracker.removedPermissionNames.size() );
- }
-
- @Test
- public void testUserAssignmentWithChildRoles()
- throws RbacManagerException
- {
- RBACManager manager = rbacManager;
- rbacManager.eraseDatabase();
- Role developerRole = manager.saveRole( getDeveloperRole() );
-
- Role adminRole = getAdminRole();
-
- adminRole.addChildRoleName( developerRole.getName() );
-
- adminRole = manager.saveRole( adminRole );
-
- String adminPrincipal = "admin";
- UserAssignment assignment = manager.createUserAssignment( adminPrincipal );
- assignment.addRoleName( adminRole );
- assignment = manager.saveUserAssignment( assignment );
-
- assertEquals( 1, assignment.getRoleNames().size() );
- assertEquals( 1, manager.getAssignedRoles( adminPrincipal ).size() );
- }
-
- @Test
- public void testGetAssignedPermissionsNoChildRoles()
- throws RbacManagerException
- {
- RBACManager manager = rbacManager;
-
- rbacManager.eraseDatabase();
- eventTracker.rbacInit( true );
-
- Role admin = getAdminRole();
-
- admin = manager.saveRole( admin );
-
- assertEquals( 1, manager.getAllRoles().size() );
-
- String adminPrincipal = "admin";
-
- UserAssignment ua = manager.createUserAssignment( adminPrincipal );
-
- ua.addRoleName( admin );
-
- manager.saveUserAssignment( ua );
-
- assertEquals( 1, manager.getAllUserAssignments().size() );
-
- Set<Permission> assignedPermissions = manager.getAssignedPermissions( adminPrincipal );
-
- assertNotNull( assignedPermissions );
- assertEquals( 1, assignedPermissions.size() );
-
- /* Assert some event tracker stuff */
- assertNotNull( eventTracker );
- assertEquals( 1, eventTracker.initCount );
- assertTrue( eventTracker.lastDbFreshness.booleanValue() );
-
- assertEquals( 1, eventTracker.addedRoleNames.size() );
- assertEquals( 0, eventTracker.removedRoleNames.size() );
- assertEquals( 1, eventTracker.addedPermissionNames.size() );
- assertEquals( 0, eventTracker.removedPermissionNames.size() );
- }
-
- @Test
- public void testGlobalResource()
- throws RbacManagerException
- {
- RBACManager manager = rbacManager;
- rbacManager.eraseDatabase();
- eventTracker.rbacInit( true );
- Permission editConfiguration = manager.createPermission( "Edit Configuration" );
- editConfiguration.setOperation( manager.createOperation( "edit-configuration" ) );
- editConfiguration.setResource( manager.getGlobalResource() );
- manager.savePermission( editConfiguration );
-
- assertEquals( 1, manager.getAllPermissions().size() );
- assertEquals( 1, manager.getAllOperations().size() );
- assertEquals( 1, manager.getAllResources().size() );
-
- Permission deleteConfiguration = manager.createPermission( "Delete Configuration" );
- deleteConfiguration.setOperation( manager.createOperation( "delete-configuration" ) );
- deleteConfiguration.setResource( manager.getGlobalResource() );
- manager.savePermission( deleteConfiguration );
-
- assertEquals( 2, manager.getAllPermissions().size() );
- assertEquals( 2, manager.getAllOperations().size() );
- assertEquals( 1, manager.getAllResources().size() );
-
- /* Assert some event tracker stuff */
- assertNotNull( eventTracker );
- assertEquals( 1, eventTracker.initCount );
- assertTrue( eventTracker.lastDbFreshness.booleanValue() );
-
- assertEquals( 0, eventTracker.addedRoleNames.size() );
- assertEquals( 0, eventTracker.removedRoleNames.size() );
- assertEquals( 2, eventTracker.addedPermissionNames.size() );
- assertEquals( 0, eventTracker.removedPermissionNames.size() );
- }
-
- @Test
- public void testGlobalResourceOneLiner()
- throws RbacManagerException
- {
- RBACManager manager = rbacManager;
- rbacManager.eraseDatabase();
- eventTracker.rbacInit( true );
- manager.savePermission(
- manager.createPermission( "Edit Configuration", "edit-configuration", Resource.GLOBAL ) );
- manager.savePermission(
- manager.createPermission( "Delete Configuration", "delete-configuration", Resource.GLOBAL ) );
-
- /* Assert some event tracker stuff */
- assertNotNull( eventTracker );
- assertEquals( 1, eventTracker.initCount );
- assertTrue( eventTracker.lastDbFreshness.booleanValue() );
-
- assertEquals( 0, eventTracker.addedRoleNames.size() );
- assertEquals( 0, eventTracker.removedRoleNames.size() );
- assertEquals( 2, eventTracker.addedPermissionNames.size() );
- assertEquals( 0, eventTracker.removedPermissionNames.size() );
- }
-
- @Test
- public void testUserAssignmentAddRemoveSecondRole()
- throws RbacManagerException
- {
- RBACManager manager = rbacManager;
-
- rbacManager.eraseDatabase();
- eventTracker.rbacInit( true );
-
- Role developerRole = getDeveloperRole();
- manager.saveRole( developerRole );
-
- // Setup User / Assignment with 1 role.
- String username = "bob";
- UserAssignment assignment = manager.createUserAssignment( username );
- assignment.addRoleName( developerRole );
- manager.saveUserAssignment( assignment );
-
- assertEquals( 1, manager.getAllUserAssignments().size() );
- assertEquals( 1, manager.getAllRoles().size() );
-
- // Create another role add it to manager.
- Role projectAdmin = getProjectAdminRole();
- String projectAdminRoleName = projectAdmin.getName();
- manager.saveRole( projectAdmin );
-
- // Get User Assignment, add a second role
- UserAssignment bob = manager.getUserAssignment( username );
- bob.addRoleName( projectAdminRoleName );
- bob = manager.saveUserAssignment( bob );
-
- assertEquals( 1, manager.getAllUserAssignments().size() );
- assertEquals( 2, manager.getAllRoles().size() );
- assertEquals( 2, bob.getRoleNames().size() );
- assertEquals( 0, manager.getUnassignedRoles( bob.getPrincipal() ).size() );
-
- List<String> roles = bob.getRoleNames();
- assertEquals( 2, roles.size() );
-
- // Remove 1 role from bob, end up with 1 role for bob.
- roles.remove( projectAdminRoleName );
- assertEquals( 1, roles.size() );
- bob.setRoleNames( roles );
- bob = manager.saveUserAssignment( bob );
- assertEquals( "Should only have 1 role under bob now.", 1, bob.getRoleNames().size() );
- assertEquals( "Should have 2 total roles still.", 2, manager.getAllRoles().size() );
- assertEquals( "Should have 1 assignable role", 1, manager.getUnassignedRoles( bob.getPrincipal() ).size() );
-
- // Fetch bob again. see if role is missing.
- UserAssignment cousin = manager.getUserAssignment( username );
- assertEquals( 1, cousin.getRoleNames().size() );
-
- assertEquals( "Should only have 1 role under bob now.", 1, cousin.getRoleNames().size() );
- assertEquals( "Should have 2 total roles still.", 2, manager.getAllRoles().size() );
-
- // remove the last role
- roles.remove( developerRole.getName() );
- bob.setRoleNames( roles );
- bob = manager.saveUserAssignment( bob );
- assertEquals( "Should have 2 assignable roles.", 2, manager.getUnassignedRoles( bob.getPrincipal() ).size() );
-
- /* Assert some event tracker stuff */
- assertNotNull( eventTracker );
- assertEquals( 1, eventTracker.initCount );
- assertTrue( eventTracker.lastDbFreshness.booleanValue() );
-
- assertEquals( 2, eventTracker.addedRoleNames.size() );
- assertEquals( 0, eventTracker.removedRoleNames.size() );
- assertEquals( 2, eventTracker.addedPermissionNames.size() );
- assertEquals( 0, eventTracker.removedPermissionNames.size() );
- }
-
- @Test
- public void testUserAssignmentMultipleRoles()
- throws RbacManagerException
- {
- RBACManager manager = rbacManager;
-
- rbacManager.eraseDatabase();
- eventTracker.rbacInit( true );
-
- Role devRole = getDeveloperRole();
- manager.saveRole( devRole );
-
- // Setup User / Assignment with 1 role.
- String username = "bob";
- UserAssignment assignment = manager.createUserAssignment( username );
- assignment.addRoleName( devRole );
- assignment = manager.saveUserAssignment( assignment );
-
- assertEquals( 1, manager.getAllUserAssignments().size() );
- assertEquals( 1, manager.getAllRoles().size() );
-
- // assign the same role again to the same user
- assignment.addRoleName( devRole.getName() );
- manager.saveUserAssignment( assignment );
-
- // we certainly shouldn't have 2 roles here now
- assertEquals( 1, assignment.getRoleNames().size() );
-
- /* Assert some event tracker stuff */
- assertNotNull( eventTracker );
- assertEquals( 1, eventTracker.initCount );
- assertTrue( eventTracker.lastDbFreshness.booleanValue() );
-
- assertEquals( 1, eventTracker.addedRoleNames.size() );
- assertEquals( 0, eventTracker.removedRoleNames.size() );
- assertEquals( 1, eventTracker.addedPermissionNames.size() );
- assertEquals( 0, eventTracker.removedPermissionNames.size() );
- }
-
- @Test
- public void testUserAssignmentMultipleRolesWithChildRoles()
- throws RbacManagerException
- {
- RBACManager manager = rbacManager;
-
- rbacManager.eraseDatabase();
- eventTracker.rbacInit( true );
-
- Role devRole = getDeveloperRole();
- Role devPlusRole = getSuperDeveloperRole();
- devPlusRole.setChildRoleNames( Collections.singletonList( devRole.getName() ) );
- manager.saveRole( devRole );
- manager.saveRole( devPlusRole );
-
- // Setup User / Assignment with 1 role.
- String username = "bob";
- UserAssignment assignment = manager.createUserAssignment( username );
- assignment.addRoleName( devRole );
- assignment = manager.saveUserAssignment( assignment );
-
- assertEquals( 1, manager.getAllUserAssignments().size() );
- assertEquals( "should be only one role assigned", 1,
- manager.getAssignedRoles( assignment.getPrincipal() ).size() );
- assertEquals( "should be one role left to assign", 1,
- manager.getUnassignedRoles( assignment.getPrincipal() ).size() );
- assertEquals( 2, manager.getAllRoles().size() );
-
- // assign the same role again to the same user
- assignment.addRoleName( devRole.getName() );
- manager.saveUserAssignment( assignment );
-
- // we certainly shouldn't have 2 roles here now
- assertEquals( 1, assignment.getRoleNames().size() );
-
- /* Assert some event tracker stuff */
- assertNotNull( eventTracker );
- assertEquals( 1, eventTracker.initCount );
- assertTrue( eventTracker.lastDbFreshness.booleanValue() );
-
- assertEquals( 2, eventTracker.addedRoleNames.size() );
- assertEquals( 0, eventTracker.removedRoleNames.size() );
- assertEquals( 1, eventTracker.addedPermissionNames.size() );
- assertEquals( 0, eventTracker.removedPermissionNames.size() );
- }
-
- @Test
- public void testGetAssignedRoles()
- throws RbacManagerException
- {
- RBACManager manager = rbacManager;
- rbacManager.eraseDatabase();
-
- Role adminRole = manager.saveRole( getAdminRole() );
- Role projectAdminRole = manager.saveRole( getProjectAdminRole() );
- Role developerRole = manager.saveRole( getDeveloperRole() );
-
- // Setup 3 roles.
- assertEquals( 3, manager.getAllRoles().size() );
-
- // Setup User / Assignment with 3 roles.
- String username = "bob";
-
- UserAssignment assignment = manager.createUserAssignment( username );
- assignment.addRoleName( developerRole.getName() );
- assignment.addRoleName( projectAdminRole.getName() );
- assignment.addRoleName( adminRole.getName() );
- assignment = manager.saveUserAssignment( assignment );
-
- assertEquals( 3, assignment.getRoleNames().size() );
- assertEquals( 1, manager.getAllUserAssignments().size() );
- assertEquals( 3, manager.getAllRoles().size() );
-
- afterSetup();
-
- // Get the List of Assigned Roles for user bob.
- Collection<Role> assignedRoles = manager.getAssignedRoles( username );
-
- assertNotNull( assignedRoles );
- assertEquals( 3, assignedRoles.size() );
- }
-
- @Test
- public void testGetAssignedPermissions()
- throws RbacManagerException
- {
- RBACManager manager = rbacManager;
- rbacManager.eraseDatabase();
- // Setup 3 roles.
- manager.saveRole( getAdminRole() );
- manager.saveRole( getProjectAdminRole() );
- Role added = manager.saveRole( getDeveloperRole() );
- String roleName = added.getName();
-
- assertEquals( 3, manager.getAllRoles().size() );
- assertEquals( 3, manager.getAllPermissions().size() );
-
- // Setup User / Assignment with 1 role.
- String username = "bob";
-
- UserAssignment assignment = manager.createUserAssignment( username );
- assignment.addRoleName( roleName );
- manager.saveUserAssignment( assignment );
-
- assertEquals( 1, manager.getAllUserAssignments().size() );
- assertEquals( 3, manager.getAllRoles().size() );
- assertEquals( 3, manager.getAllPermissions().size() );
-
- // Get the List of Assigned Roles for user bob.
- Collection<Permission> assignedPermissions = manager.getAssignedPermissions( username );
-
- assertNotNull( assignedPermissions );
- assertEquals( 1, assignedPermissions.size() );
- }
-
- public Role getChildRole( RBACManager manager, Role role, String expectedChildRoleName, int childRoleCount )
- throws RbacManagerException
- {
- assertTrue( role.hasChildRoles() );
- List<String> childNames = role.getChildRoleNames();
- assertNotNull( childNames );
- assertEquals( 1, childNames.size() );
- String childName = (String) childNames.get( 0 );
- assertNotNull( childName );
- Role childRole = manager.getRole( childName );
- assertNotNull( childRole );
- assertEquals( expectedChildRoleName, childRole.getName() );
-
- return childRole;
- }
-
- @Test
- public void testGetRolesDeep()
- throws RbacManagerException
- {
- rbacManager.eraseDatabase();
- rbacDefaults.createDefaults();
-
- // Setup User / Assignment with 1 role.
- String username = "bob";
-
- UserAssignment assignment = rbacManager.createUserAssignment( username );
- assignment.addRoleName( "Developer" );
- rbacManager.saveUserAssignment( assignment );
-
- assertEquals( 1, rbacManager.getAllUserAssignments().size() );
- assertEquals( 4, rbacManager.getAllRoles().size() );
- assertEquals( 6, rbacManager.getAllPermissions().size() );
-
- // Get the List of Assigned Roles for user bob.
- Role devel = rbacManager.getRole( "Developer" );
- assertNotNull( devel );
-
- // First Depth.
- Role trusted = getChildRole( rbacManager, devel, "Trusted Developer", 1 );
-
- // Second Depth.
- Role sysAdmin = getChildRole( rbacManager, trusted, "System Administrator", 1 );
-
- // Third Depth.
- getChildRole( rbacManager, sysAdmin, "User Administrator", 1 );
- }
-
- @Test
- public void testGetAssignedPermissionsDeep()
- throws RbacManagerException
- {
- rbacDefaults.createDefaults();
-
- // Setup User / Assignment with 1 role.
- String username = "bob";
-
- UserAssignment assignment = rbacManager.createUserAssignment( username );
- assignment.addRoleName( "Developer" );
- rbacManager.saveUserAssignment( assignment );
-
- assertEquals( 1, rbacManager.getAllUserAssignments().size() );
- assertEquals( 4, rbacManager.getAllRoles().size() );
- assertEquals( 6, rbacManager.getAllPermissions().size() );
-
- afterSetup();
-
- // Get the List of Assigned Roles for user bob.
- Collection<Permission> assignedPermissions = rbacManager.getAssignedPermissions( username );
-
- assertNotNull( assignedPermissions );
- assertEquals( 6, assignedPermissions.size() );
- }
-
- @Test
- public void testLargeApplicationInit()
- throws RbacManagerException
- {
-
- rbacManager.eraseDatabase();
- rbacDefaults.createDefaults();
- assertEquals( 6, rbacManager.getAllPermissions().size() );
- assertEquals( 11, rbacManager.getAllOperations().size() );
- assertEquals( 4, rbacManager.getAllRoles().size() );
- }
-
- @Test
- public void testAddRemovePermanentPermission()
- throws RbacManagerException
- {
- assertNotNull( rbacManager );
-
- rbacManager.eraseDatabase();
- eventTracker.rbacInit( true );
-
- Role adminRole = rbacManager.saveRole( getAdminRole() );
- rbacManager.saveRole( getDeveloperRole() );
-
- assertEquals( 2, rbacManager.getAllRoles().size() );
- assertEquals( 2, rbacManager.getAllPermissions().size() );
-
- Permission createUserPerm = rbacManager.createPermission( "CREATE_USER", "CREATE", "User" );
- createUserPerm.setPermanent( true );
-
- // perm shouldn't exist in manager (yet)
- assertEquals( 2, rbacManager.getAllPermissions().size() );
-
- adminRole.addPermission( createUserPerm );
- rbacManager.saveRole( adminRole );
-
- // perm should exist in manager now.
- assertEquals( 3, rbacManager.getAllPermissions().size() );
- Permission fetched = rbacManager.getPermission( "CREATE_USER" );
- assertNotNull( fetched );
-
- // Attempt to remove perm now.
- try
- {
- // Use permission name technique first.
- rbacManager.removePermission( "CREATE_USER" );
- }
- catch ( RbacPermanentException e )
- {
- // expected path.
- }
-
- try
- {
- // Use permission object technique next.
- rbacManager.removePermission( fetched );
- }
- catch ( RbacPermanentException e )
- {
- // expected path.
- }
-
- // Assert some event tracker stuff
- assertNotNull( eventTracker );
- assertEquals( 1, eventTracker.initCount );
- assertTrue( eventTracker.lastDbFreshness.booleanValue() );
-
- assertEquals( 2, eventTracker.addedRoleNames.size() );
- assertEquals( 0, eventTracker.removedRoleNames.size() );
- assertEquals( 3, eventTracker.addedPermissionNames.size() );
- assertEquals( 0, eventTracker.removedPermissionNames.size() );
- }
-
- @Test
- public void testAddRemovePermanentRole()
- throws RbacManagerException
- {
- assertNotNull( rbacManager );
- rbacManager.eraseDatabase();
- eventTracker.rbacInit( true );
-
- Role adminRole = getAdminRole();
- adminRole.setPermanent( true );
-
- adminRole = rbacManager.saveRole( adminRole );
- Role develRole = rbacManager.saveRole( getDeveloperRole() );
-
- assertEquals( 2, rbacManager.getAllRoles().size() );
-
- Role actualAdmin = rbacManager.getRole( adminRole.getName() );
- Role actualDevel = rbacManager.getRole( develRole.getName() );
-
- assertEquals( adminRole, actualAdmin );
- assertEquals( develRole, actualDevel );
-
- // Attempt to remove perm now.
- try
- {
- // Use role name technique first.
- rbacManager.removeRole( adminRole.getName() );
- }
- catch ( RbacPermanentException e )
- {
- // expected path.
- }
-
- try
- {
- // Use role object technique next.
- rbacManager.removeRole( adminRole );
- }
- catch ( RbacPermanentException e )
- {
- // expected path.
- }
-
- /* Assert some event tracker stuff */
- assertNotNull( eventTracker );
- assertEquals( 1, eventTracker.initCount );
- assertTrue( eventTracker.lastDbFreshness.booleanValue() );
-
- assertEquals( 2, eventTracker.addedRoleNames.size() );
- assertEquals( 0, eventTracker.removedRoleNames.size() );
- assertEquals( 2, eventTracker.addedPermissionNames.size() );
- assertEquals( 0, eventTracker.removedPermissionNames.size() );
- }
-
- @Test
- public void testAddRemovePermanentOperation()
- throws RbacManagerException
- {
-
- rbacManager.eraseDatabase();
- eventTracker.rbacInit( true );
- assertNotNull( rbacManager );
-
- Role adminRole = rbacManager.saveRole( getAdminRole() );
- rbacManager.saveRole( getDeveloperRole() );
-
- assertEquals( 2, rbacManager.getAllRoles().size() );
- assertEquals( 2, rbacManager.getAllPermissions().size() );
-
- Permission createUserPerm = rbacManager.createPermission( "CREATE_USER", "CREATE", "User" );
- createUserPerm.getOperation().setPermanent( true );
-
- // perm shouldn't exist in manager (yet)
- assertEquals( 2, rbacManager.getAllPermissions().size() );
- assertEquals( 1, rbacManager.getAllOperations().size() );
-
- adminRole.addPermission( createUserPerm );
- rbacManager.saveRole( adminRole );
-
- // perm should exist in manager now.
- assertEquals( 2, rbacManager.getAllOperations().size() );
- Operation fetched = rbacManager.getOperation( "CREATE" );
- assertNotNull( fetched );
-
- // Attempt to remove operation now.
- try
- {
- // Use operation name technique first.
- rbacManager.removeOperation( "CREATE" );
- }
- catch ( RbacPermanentException e )
- {
- // expected path.
- }
-
- try
- {
- // Use operation object technique next.
- rbacManager.removeOperation( fetched );
- }
- catch ( RbacPermanentException e )
- {
- // expected path.
- }
-
- // Assert some event tracker stuff
- assertNotNull( eventTracker );
- assertEquals( 1, eventTracker.initCount );
- assertTrue( eventTracker.lastDbFreshness.booleanValue() );
-
- assertEquals( 2, eventTracker.addedRoleNames.size() );
- assertEquals( 0, eventTracker.removedRoleNames.size() );
- assertEquals( 3, eventTracker.addedPermissionNames.size() );
- assertEquals( 0, eventTracker.removedPermissionNames.size() );
- }
-
- /**
- * Allows subclasses to hook code after a test case has finished it's setup
- */
- protected void afterSetup()
- {
- // do nothing
- }
-}
+++ /dev/null
-package org.codehaus.plexus.redback.tests;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-import org.apache.archiva.redback.rbac.RBACManagerListener;
-import org.apache.archiva.redback.rbac.Permission;
-import org.apache.archiva.redback.rbac.Role;
-import org.apache.archiva.redback.rbac.UserAssignment;
-
-import java.util.ArrayList;
-import java.util.List;
-
-/**
- * RbacManagerEventTracker
- *
- * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
- * @version $Id$
- */
-public class RbacManagerEventTracker
- implements RBACManagerListener
-{
- public long initCount = 0;
-
- public Boolean lastDbFreshness;
-
- public List<String> addedRoleNames = new ArrayList<String>();
-
- public List<String> removedRoleNames = new ArrayList<String>();
-
- public List<String> addedPermissionNames = new ArrayList<String>();
-
- public List<String> removedPermissionNames = new ArrayList<String>();
-
- public void rbacInit( boolean freshdb )
- {
- log( "Init - freshdb: " + freshdb );
- initCount++;
- lastDbFreshness = Boolean.valueOf( freshdb );
- }
-
- public void rbacPermissionRemoved( Permission permission )
- {
- log( "Permission Removed: " + permission.getName() );
- String obj = permission.getName();
- if ( !removedPermissionNames.contains( obj ) )
- {
- removedPermissionNames.add( obj );
- }
- }
-
- public void rbacPermissionSaved( Permission permission )
- {
- log( "Permission Saved: " + permission.getName() );
- String obj = permission.getName();
- if ( !addedPermissionNames.contains( obj ) )
- {
- addedPermissionNames.add( obj );
- }
- }
-
- public void rbacRoleRemoved( Role role )
- {
- log( "Role Removed: " + role.getName() );
- String obj = role.getName();
- if ( !removedRoleNames.contains( obj ) )
- {
- removedRoleNames.add( obj );
- }
- }
-
- public void rbacRoleSaved( Role role )
- {
- log( "Role Saved: " + role.getName() );
- String obj = role.getName();
- if ( !addedRoleNames.contains( obj ) )
- {
- addedRoleNames.add( obj );
- }
- }
-
- public void rbacUserAssignmentRemoved( UserAssignment userAssignment )
- {
-
- }
-
- public void rbacUserAssignmentSaved( UserAssignment userAssignment )
- {
-
- }
-
- private void log( String msg )
- {
- System.out.println( "[RBAC Event Tracker] " + msg );
- }
-}
+++ /dev/null
-package org.codehaus.plexus.redback.tests.utils;
-
-/*
- * Copyright 2006 The Apache Software Foundation.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-import org.apache.archiva.redback.rbac.Permission;
-import org.apache.archiva.redback.rbac.Operation;
-import org.apache.archiva.redback.rbac.RBACManager;
-import org.apache.archiva.redback.rbac.Role;
-import org.apache.archiva.redback.rbac.RbacManagerException;
-
-public class RBACDefaults
-{
- private final RBACManager manager;
-
- public RBACDefaults( RBACManager manager )
- {
- this.manager = manager;
- }
-
- public RBACManager createDefaults()
- throws RbacManagerException
- {
- if ( !manager.operationExists( "add-repository" ) )
- {
- Operation operation = manager.createOperation( "add-repository" );
- manager.saveOperation( operation );
- }
-
- if ( !manager.operationExists( "edit-repository" ) )
- {
- Operation operation = manager.createOperation( "edit-repository" );
- manager.saveOperation( operation );
- }
-
- if ( !manager.operationExists( "delete-repository" ) )
- {
- Operation operation = manager.createOperation( "delete-repository" );
- manager.saveOperation( operation );
- }
-
- if ( !manager.operationExists( "edit-configuration" ) )
- {
- Operation operation = manager.createOperation( "edit-configuration" );
- manager.saveOperation( operation );
- }
-
- if ( !manager.operationExists( "run-indexer" ) )
- {
- Operation operation = manager.createOperation( "run-indexer" );
- manager.saveOperation( operation );
- }
-
- if ( !manager.operationExists( "regenerate-index" ) )
- {
- Operation operation = manager.createOperation( "regenerate-index" );
- manager.saveOperation( operation );
- }
-
- if ( !manager.operationExists( "get-reports" ) )
- {
- Operation operation = manager.createOperation( "get-reports" );
- manager.saveOperation( operation );
- }
-
- if ( !manager.operationExists( "regenerate-reports" ) )
- {
- Operation operation = manager.createOperation( "regenerate-reports" );
- manager.saveOperation( operation );
- }
-
- if ( !manager.operationExists( "edit-user" ) )
- {
- Operation operation = manager.createOperation( "edit-user" );
- manager.saveOperation( operation );
- }
-
- if ( !manager.operationExists( "edit-all-users" ) )
- {
- Operation operation = manager.createOperation( "edit-all-users" );
- manager.saveOperation( operation );
- }
-
- if ( !manager.operationExists( "remove-roles" ) )
- {
- Operation operation = manager.createOperation( "remove-roles" );
- manager.saveOperation( operation );
- }
-
- if ( !manager.permissionExists( "Edit Configuration" ) )
- {
- Permission editConfiguration = manager.createPermission( "Edit Configuration", "edit-configuration",
- manager.getGlobalResource().getIdentifier() );
- manager.savePermission( editConfiguration );
- }
-
- if ( !manager.permissionExists( "Run Indexer" ) )
- {
- Permission runIndexer = manager.createPermission( "Run Indexer", "run-indexer", manager.getGlobalResource()
- .getIdentifier() );
-
- manager.savePermission( runIndexer );
- }
-
- if ( !manager.permissionExists( "Add Repository" ) )
- {
- Permission runIndexer = manager.createPermission( "Add Repository", "add-repository", manager
- .getGlobalResource().getIdentifier() );
- manager.savePermission( runIndexer );
- }
-
- if ( !manager.permissionExists( "Edit All Users" ) )
- {
- Permission editAllUsers = manager.createPermission( "Edit All Users", "edit-all-users", manager
- .getGlobalResource().getIdentifier() );
-
- manager.savePermission( editAllUsers );
- }
-
- if ( !manager.permissionExists( "Remove Roles" ) )
- {
- Permission editAllUsers = manager.createPermission( "Remove Roles", "remove-roles", manager
- .getGlobalResource().getIdentifier() );
-
- manager.savePermission( editAllUsers );
- }
-
- if ( !manager.permissionExists( "Regenerate Index" ) )
- {
- Permission regenIndex = manager.createPermission( "Regenerate Index", "regenerate-index", manager
- .getGlobalResource().getIdentifier() );
-
- manager.savePermission( regenIndex );
- }
-
- if ( !manager.roleExists( "User Administrator" ) )
- {
- Role userAdmin = manager.createRole( "User Administrator" );
- userAdmin.addPermission( manager.getPermission( "Edit All Users" ) );
- userAdmin.addPermission( manager.getPermission( "Remove Roles" ) );
- userAdmin.setAssignable( true );
- manager.saveRole( userAdmin );
- }
-
- if ( !manager.roleExists( "System Administrator" ) )
- {
- Role admin = manager.createRole( "System Administrator" );
- admin.addChildRoleName( "User Administrator" );
- admin.addPermission( manager.getPermission( "Edit Configuration" ) );
- admin.addPermission( manager.getPermission( "Run Indexer" ) );
- admin.addPermission( manager.getPermission( "Add Repository" ) );
- admin.addPermission( manager.getPermission( "Regenerate Index" ) );
- admin.setAssignable( true );
- manager.saveRole( admin );
- }
-
- if ( !manager.roleExists( "Trusted Developer" ) )
- {
- Role developer = manager.createRole( "Trusted Developer" );
- developer.addChildRoleName( "System Administrator" );
- developer.addPermission( manager.getPermission( "Run Indexer" ) );
- developer.setAssignable( true );
- manager.saveRole( developer );
- }
-
- if ( !manager.roleExists( "Developer" ) )
- {
- Role developer = manager.createRole( "Developer" );
- developer.addChildRoleName( "Trusted Developer" );
- developer.addPermission( manager.getPermission( "Run Indexer" ) );
- developer.setAssignable( true );
- manager.saveRole( developer );
- }
-
- return manager;
- }
-}