--- /dev/null
+package org.apache.archiva.redback.authorization.rbac;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.RBACManager;
+import org.apache.archiva.redback.rbac.RbacManagerException;
+import org.apache.archiva.redback.users.UserNotFoundException;
+import org.apache.archiva.redback.authorization.AuthorizationDataSource;
+import org.apache.archiva.redback.authorization.AuthorizationException;
+import org.apache.archiva.redback.authorization.AuthorizationResult;
+import org.apache.archiva.redback.authorization.Authorizer;
+import org.apache.archiva.redback.authorization.NotAuthorizedException;
+import org.apache.archiva.redback.authorization.rbac.evaluator.PermissionEvaluationException;
+import org.apache.archiva.redback.authorization.rbac.evaluator.PermissionEvaluator;
+import org.apache.archiva.redback.rbac.RbacObjectNotFoundException;
+import org.apache.archiva.redback.users.User;
+import org.apache.archiva.redback.users.UserManager;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Service;
+
+import javax.inject.Inject;
+import javax.inject.Named;
+import java.util.Arrays;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * RbacAuthorizer:
+ *
+ * @author Jesse McConnell <jmcconnell@apache.org>
+ * @version $Id$
+ */
+@Service( "authorizer#rbac" )
+public class RbacAuthorizer
+ implements Authorizer
+{
+ private Logger log = LoggerFactory.getLogger( getClass() );
+
+ @Inject
+ @Named( value = "rBACManager#cached" )
+ private RBACManager manager;
+
+ @Inject
+ @Named( value = "userManager#configurable" )
+ private UserManager userManager;
+
+ @Inject
+ private PermissionEvaluator evaluator;
+
+ public String getId()
+ {
+ return "RBAC Authorizer - " + this.getClass().getName();
+ }
+
+ /**
+ * @param source
+ * @return
+ * @throws AuthorizationException
+ */
+ public AuthorizationResult isAuthorized( AuthorizationDataSource source )
+ throws AuthorizationException
+ {
+ Object principal = source.getPrincipal();
+ Object operation = source.getPermission();
+ Object resource = source.getResource();
+
+ try
+ {
+ if ( principal != null )
+ {
+ // Set permissions = manager.getAssignedPermissions( principal.toString(), operation );
+ Map<String, List<Permission>> permissionMap = manager.getAssignedPermissionMap( principal.toString() );
+
+ if ( permissionMap.keySet().contains( operation.toString() ) )
+ {
+ for ( Permission permission : permissionMap.get( operation.toString() ) )
+ {
+ if ( log.isDebugEnabled() )
+ {
+ log.debug( "checking permission {} for operation {} resource {}",
+ Arrays.asList( permission != null ? permission.getName() : "null", operation,
+ resource ).toArray() );
+ }
+ if ( evaluator.evaluate( permission, operation, resource, principal ) )
+ {
+ return new AuthorizationResult( true, permission, null );
+ }
+ }
+
+ log.debug( "no permission found for operation {} resource {}", operation.toString(), resource );
+ }
+ else
+ {
+ log.debug( "permission map does not contain operation: {}", operation.toString() );
+ }
+ }
+ // check if guest user is enabled, if so check the global permissions
+ User guest = userManager.getGuestUser();
+
+ if ( !guest.isLocked() )
+ {
+ // Set permissions = manager.getAssignedPermissions( principal.toString(), operation );
+ Map<String, List<Permission>> permissionMap =
+ manager.getAssignedPermissionMap( guest.getPrincipal().toString() );
+
+ if ( permissionMap.keySet().contains( operation.toString() ) )
+ {
+ for ( Permission permission : permissionMap.get( operation.toString() ) )
+ {
+ log.debug( "checking permission {}", permission.getName() );
+
+ if ( evaluator.evaluate( permission, operation, resource, guest.getPrincipal() ) )
+ {
+ return new AuthorizationResult( true, permission, null );
+ }
+ }
+ }
+ }
+
+ return new AuthorizationResult( false, null, new NotAuthorizedException( "no matching permissions" ) );
+ }
+ catch ( PermissionEvaluationException pe )
+ {
+ return new AuthorizationResult( false, null, pe );
+ }
+ catch ( RbacObjectNotFoundException nfe )
+ {
+ return new AuthorizationResult( false, null, nfe );
+ }
+ catch ( UserNotFoundException ne )
+ {
+ return new AuthorizationResult( false, null,
+ new NotAuthorizedException( "no matching permissions, guest not found" ) );
+ }
+ catch ( RbacManagerException rme )
+ {
+ return new AuthorizationResult( false, null, rme );
+ }
+ }
+
+ public RBACManager getManager()
+ {
+ return manager;
+ }
+
+ public void setManager( RBACManager manager )
+ {
+ this.manager = manager;
+ }
+
+ public UserManager getUserManager()
+ {
+ return userManager;
+ }
+
+ public void setUserManager( UserManager userManager )
+ {
+ this.userManager = userManager;
+ }
+
+ public PermissionEvaluator getEvaluator()
+ {
+ return evaluator;
+ }
+
+ public void setEvaluator( PermissionEvaluator evaluator )
+ {
+ this.evaluator = evaluator;
+ }
+}
--- /dev/null
+package org.apache.archiva.redback.authorization.rbac.evaluator;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import org.apache.archiva.redback.rbac.Resource;
+import org.apache.archiva.redback.users.UserManager;
+import org.apache.archiva.redback.users.UserNotFoundException;
+import org.apache.archiva.redback.rbac.Permission;
+import org.springframework.stereotype.Service;
+
+import javax.inject.Inject;
+import javax.inject.Named;
+
+/**
+ * DefaultPermissionEvaluator:
+ * <p/>
+ * Currently only one expression is available for evaluation, ${username} will be replaced with the username
+ * of the person making the authorization check
+ *
+ * @author Jesse McConnell <jesse@codehaus.org>
+ * @version $Id$
+ */
+@Service("permissionEvaluator")
+public class DefaultPermissionEvaluator
+ implements PermissionEvaluator
+{
+ @Inject
+ @Named(value="userManager#configurable")
+ private UserManager userManager;
+
+ public boolean evaluate( Permission permission, Object operation, Object resource, Object principal )
+ throws PermissionEvaluationException
+ {
+ String permissionResource = permission.getResource().getIdentifier();
+
+ // expression evaluation checking
+ if ( permissionResource.startsWith( "${" ) )
+ {
+ String tempStr = permissionResource.substring( 2, permissionResource.indexOf( '}' ) );
+
+ if ( "username".equals( tempStr ) )
+ {
+ try
+ {
+ permissionResource = userManager.findUser( principal.toString() ).getUsername();
+ }
+ catch ( UserNotFoundException ne )
+ {
+ throw new PermissionEvaluationException( "unable to locate user to retrieve username", ne );
+ }
+ }
+ }
+
+ // check if this permission applies to the operation at all
+ if ( permission.getOperation().getName().equals( operation.toString() ) )
+ {
+ // check if it is a global resource, if it is then since the operations match we return true
+ if ( Resource.GLOBAL.equals( permission.getResource().getIdentifier() ) )
+ {
+ return true;
+ }
+
+ // if we are not checking a specific resource, the operation is enough
+ if ( resource == null )
+ {
+ return true;
+ }
+
+ // check if the resource identifier of the permission matches the resource we are checking against
+ // if it does then return true
+ if ( permissionResource.equals( resource.toString() ) )
+ {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+ public UserManager getUserManager()
+ {
+ return userManager;
+ }
+
+ public void setUserManager( UserManager userManager )
+ {
+ this.userManager = userManager;
+ }
+}
--- /dev/null
+package org.apache.archiva.redback.authorization.rbac.evaluator;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * PermissionEvaluationException:
+ *
+ * @author Jesse McConnell <jmcconnell@apache.org>
+ * @version $Id$
+ */
+public class PermissionEvaluationException
+ extends Exception
+{
+ public PermissionEvaluationException( String string )
+ {
+ super( string );
+ }
+
+ public PermissionEvaluationException( String string, Throwable throwable )
+ {
+ super( string, throwable );
+ }
+
+}
--- /dev/null
+package org.apache.archiva.redback.authorization.rbac.evaluator;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import org.apache.archiva.redback.rbac.Permission;
+
+
+/**
+ * PermissionEvaluator:
+ *
+ * @author Jesse McConnell <jmcconnell@apache.org>
+ * @version $Id$
+ */
+public interface PermissionEvaluator
+{
+ boolean evaluate( Permission permission, Object operation, Object resource, Object principal )
+ throws PermissionEvaluationException;
+}
+++ /dev/null
-package org.codehaus.plexus.redback.authorization.rbac;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-import org.apache.archiva.redback.rbac.Permission;
-import org.apache.archiva.redback.rbac.RBACManager;
-import org.apache.archiva.redback.rbac.RbacManagerException;
-import org.apache.archiva.redback.users.UserNotFoundException;
-import org.apache.archiva.redback.authorization.AuthorizationDataSource;
-import org.apache.archiva.redback.authorization.AuthorizationException;
-import org.apache.archiva.redback.authorization.AuthorizationResult;
-import org.apache.archiva.redback.authorization.Authorizer;
-import org.apache.archiva.redback.authorization.NotAuthorizedException;
-import org.codehaus.plexus.redback.authorization.rbac.evaluator.PermissionEvaluationException;
-import org.codehaus.plexus.redback.authorization.rbac.evaluator.PermissionEvaluator;
-import org.apache.archiva.redback.rbac.RbacObjectNotFoundException;
-import org.apache.archiva.redback.users.User;
-import org.apache.archiva.redback.users.UserManager;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.stereotype.Service;
-
-import javax.inject.Inject;
-import javax.inject.Named;
-import java.util.Arrays;
-import java.util.List;
-import java.util.Map;
-
-/**
- * RbacAuthorizer:
- *
- * @author Jesse McConnell <jmcconnell@apache.org>
- * @version $Id$
- */
-@Service( "authorizer#rbac" )
-public class RbacAuthorizer
- implements Authorizer
-{
- private Logger log = LoggerFactory.getLogger( getClass() );
-
- @Inject
- @Named( value = "rBACManager#cached" )
- private RBACManager manager;
-
- @Inject
- @Named( value = "userManager#configurable" )
- private UserManager userManager;
-
- @Inject
- private PermissionEvaluator evaluator;
-
- public String getId()
- {
- return "RBAC Authorizer - " + this.getClass().getName();
- }
-
- /**
- * @param source
- * @return
- * @throws AuthorizationException
- */
- public AuthorizationResult isAuthorized( AuthorizationDataSource source )
- throws AuthorizationException
- {
- Object principal = source.getPrincipal();
- Object operation = source.getPermission();
- Object resource = source.getResource();
-
- try
- {
- if ( principal != null )
- {
- // Set permissions = manager.getAssignedPermissions( principal.toString(), operation );
- Map<String, List<Permission>> permissionMap = manager.getAssignedPermissionMap( principal.toString() );
-
- if ( permissionMap.keySet().contains( operation.toString() ) )
- {
- for ( Permission permission : permissionMap.get( operation.toString() ) )
- {
- if ( log.isDebugEnabled() )
- {
- log.debug( "checking permission {} for operation {} resource {}",
- Arrays.asList( permission != null ? permission.getName() : "null", operation,
- resource ).toArray() );
- }
- if ( evaluator.evaluate( permission, operation, resource, principal ) )
- {
- return new AuthorizationResult( true, permission, null );
- }
- }
-
- log.debug( "no permission found for operation {} resource {}", operation.toString(), resource );
- }
- else
- {
- log.debug( "permission map does not contain operation: {}", operation.toString() );
- }
- }
- // check if guest user is enabled, if so check the global permissions
- User guest = userManager.getGuestUser();
-
- if ( !guest.isLocked() )
- {
- // Set permissions = manager.getAssignedPermissions( principal.toString(), operation );
- Map<String, List<Permission>> permissionMap =
- manager.getAssignedPermissionMap( guest.getPrincipal().toString() );
-
- if ( permissionMap.keySet().contains( operation.toString() ) )
- {
- for ( Permission permission : permissionMap.get( operation.toString() ) )
- {
- log.debug( "checking permission {}", permission.getName() );
-
- if ( evaluator.evaluate( permission, operation, resource, guest.getPrincipal() ) )
- {
- return new AuthorizationResult( true, permission, null );
- }
- }
- }
- }
-
- return new AuthorizationResult( false, null, new NotAuthorizedException( "no matching permissions" ) );
- }
- catch ( PermissionEvaluationException pe )
- {
- return new AuthorizationResult( false, null, pe );
- }
- catch ( RbacObjectNotFoundException nfe )
- {
- return new AuthorizationResult( false, null, nfe );
- }
- catch ( UserNotFoundException ne )
- {
- return new AuthorizationResult( false, null,
- new NotAuthorizedException( "no matching permissions, guest not found" ) );
- }
- catch ( RbacManagerException rme )
- {
- return new AuthorizationResult( false, null, rme );
- }
- }
-
- public RBACManager getManager()
- {
- return manager;
- }
-
- public void setManager( RBACManager manager )
- {
- this.manager = manager;
- }
-
- public UserManager getUserManager()
- {
- return userManager;
- }
-
- public void setUserManager( UserManager userManager )
- {
- this.userManager = userManager;
- }
-
- public PermissionEvaluator getEvaluator()
- {
- return evaluator;
- }
-
- public void setEvaluator( PermissionEvaluator evaluator )
- {
- this.evaluator = evaluator;
- }
-}
+++ /dev/null
-package org.codehaus.plexus.redback.authorization.rbac.evaluator;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-import org.apache.archiva.redback.rbac.Resource;
-import org.apache.archiva.redback.users.UserManager;
-import org.apache.archiva.redback.users.UserNotFoundException;
-import org.apache.archiva.redback.rbac.Permission;
-import org.springframework.stereotype.Service;
-
-import javax.inject.Inject;
-import javax.inject.Named;
-
-/**
- * DefaultPermissionEvaluator:
- * <p/>
- * Currently only one expression is available for evaluation, ${username} will be replaced with the username
- * of the person making the authorization check
- *
- * @author Jesse McConnell <jesse@codehaus.org>
- * @version $Id$
- */
-@Service("permissionEvaluator")
-public class DefaultPermissionEvaluator
- implements PermissionEvaluator
-{
- @Inject
- @Named(value="userManager#configurable")
- private UserManager userManager;
-
- public boolean evaluate( Permission permission, Object operation, Object resource, Object principal )
- throws PermissionEvaluationException
- {
- String permissionResource = permission.getResource().getIdentifier();
-
- // expression evaluation checking
- if ( permissionResource.startsWith( "${" ) )
- {
- String tempStr = permissionResource.substring( 2, permissionResource.indexOf( '}' ) );
-
- if ( "username".equals( tempStr ) )
- {
- try
- {
- permissionResource = userManager.findUser( principal.toString() ).getUsername();
- }
- catch ( UserNotFoundException ne )
- {
- throw new PermissionEvaluationException( "unable to locate user to retrieve username", ne );
- }
- }
- }
-
- // check if this permission applies to the operation at all
- if ( permission.getOperation().getName().equals( operation.toString() ) )
- {
- // check if it is a global resource, if it is then since the operations match we return true
- if ( Resource.GLOBAL.equals( permission.getResource().getIdentifier() ) )
- {
- return true;
- }
-
- // if we are not checking a specific resource, the operation is enough
- if ( resource == null )
- {
- return true;
- }
-
- // check if the resource identifier of the permission matches the resource we are checking against
- // if it does then return true
- if ( permissionResource.equals( resource.toString() ) )
- {
- return true;
- }
- }
-
- return false;
- }
-
- public UserManager getUserManager()
- {
- return userManager;
- }
-
- public void setUserManager( UserManager userManager )
- {
- this.userManager = userManager;
- }
-}
+++ /dev/null
-package org.codehaus.plexus.redback.authorization.rbac.evaluator;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-/**
- * PermissionEvaluationException:
- *
- * @author Jesse McConnell <jmcconnell@apache.org>
- * @version $Id$
- */
-public class PermissionEvaluationException
- extends Exception
-{
- public PermissionEvaluationException( String string )
- {
- super( string );
- }
-
- public PermissionEvaluationException( String string, Throwable throwable )
- {
- super( string, throwable );
- }
-
-}
+++ /dev/null
-package org.codehaus.plexus.redback.authorization.rbac.evaluator;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-import org.apache.archiva.redback.rbac.Permission;
-
-
-/**
- * PermissionEvaluator:
- *
- * @author Jesse McConnell <jmcconnell@apache.org>
- * @version $Id$
- */
-public interface PermissionEvaluator
-{
- boolean evaluate( Permission permission, Object operation, Object resource, Object principal )
- throws PermissionEvaluationException;
-}
<context:annotation-config />
<context:component-scan
- base-package="org.codehaus.plexus.redback.authorization.rbac"/>
+ base-package="org.apache.archiva.redback.authorization.rbac"/>
</beans>
\ No newline at end of file
--- /dev/null
+package org.apache.archiva.redback.authorization.rbac.evaluator;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import junit.framework.TestCase;
+import org.apache.archiva.redback.authorization.rbac.evaluator.PermissionEvaluationException;
+import org.apache.archiva.redback.authorization.rbac.evaluator.PermissionEvaluator;
+import org.apache.archiva.redback.rbac.Permission;
+import org.apache.archiva.redback.rbac.Operation;
+import org.apache.archiva.redback.rbac.Resource;
+import org.codehaus.plexus.redback.rbac.memory.MemoryOperation;
+import org.codehaus.plexus.redback.rbac.memory.MemoryPermission;
+import org.codehaus.plexus.redback.rbac.memory.MemoryResource;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import javax.inject.Inject;
+
+@RunWith( SpringJUnit4ClassRunner.class )
+@ContextConfiguration( locations = { "classpath*:/META-INF/spring-context.xml", "classpath*:/spring-context.xml" } )
+public class PermissionEvaluatorTest
+ extends TestCase
+{
+
+ @Inject
+ PermissionEvaluator permissionEvaluator;
+
+ @Test
+ public void testNullResource()
+ throws PermissionEvaluationException
+ {
+ // null resources should be considered as matching if any resource is obtained.
+ // we do this instead of using "global" as that is the inverse - you are allocated global rights,
+ // which is right to everything. null is the right to anything.
+
+ Resource resource = new MemoryResource();
+ resource.setIdentifier( "Resource" );
+
+ Operation operation = new MemoryOperation();
+ operation.setName( "Operation" );
+
+ Permission permission = new MemoryPermission();
+ permission.setName( "Permission" );
+ permission.setOperation( operation );
+ permission.setResource( resource );
+
+ assertTrue( permissionEvaluator.evaluate( permission, "Operation", null, "brett" ) );
+ }
+}
+++ /dev/null
-package org.codehaus.plexus.redback.authorization.rbac.evaluator;
-
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-import junit.framework.TestCase;
-import org.apache.archiva.redback.rbac.Permission;
-import org.apache.archiva.redback.rbac.Operation;
-import org.apache.archiva.redback.rbac.Resource;
-import org.codehaus.plexus.redback.rbac.memory.MemoryOperation;
-import org.codehaus.plexus.redback.rbac.memory.MemoryPermission;
-import org.codehaus.plexus.redback.rbac.memory.MemoryResource;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-
-import javax.inject.Inject;
-
-@RunWith( SpringJUnit4ClassRunner.class )
-@ContextConfiguration( locations = { "classpath*:/META-INF/spring-context.xml", "classpath*:/spring-context.xml" } )
-public class PermissionEvaluatorTest
- extends TestCase
-{
-
- @Inject
- PermissionEvaluator permissionEvaluator;
-
- @Test
- public void testNullResource()
- throws PermissionEvaluationException
- {
- // null resources should be considered as matching if any resource is obtained.
- // we do this instead of using "global" as that is the inverse - you are allocated global rights,
- // which is right to everything. null is the right to anything.
-
- Resource resource = new MemoryResource();
- resource.setIdentifier( "Resource" );
-
- Operation operation = new MemoryOperation();
- operation.setName( "Operation" );
-
- Permission permission = new MemoryPermission();
- permission.setName( "Permission" );
- permission.setOperation( operation );
- permission.setResource( resource );
-
- assertTrue( permissionEvaluator.evaluate( permission, "Operation", null, "brett" ) );
- }
-}