summaryrefslogtreecommitdiffstats
path: root/archiva-modules/archiva-web/archiva-security
diff options
context:
space:
mode:
authorOlivier Lamy <olamy@apache.org>2011-06-08 15:59:41 +0000
committerOlivier Lamy <olamy@apache.org>2011-06-08 15:59:41 +0000
commitde7890f4a3dbfaee1a2abeda4a78044dde6454b4 (patch)
tree2a5707ad9ac6c4f6dd9abff3c0536d2f3e90b53f /archiva-modules/archiva-web/archiva-security
parent217ae162828cce5f473c4e3b87c985f21c1a3b5b (diff)
downloadarchiva-de7890f4a3dbfaee1a2abeda4a78044dde6454b4.tar.gz
archiva-de7890f4a3dbfaee1a2abeda4a78044dde6454b4.zip
fix more unit tests in archiva-security
git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@1133448 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'archiva-modules/archiva-web/archiva-security')
-rw-r--r--archiva-modules/archiva-web/archiva-security/pom.xml5
-rw-r--r--archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaServletAuthenticator.java12
-rw-r--r--archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java8
-rw-r--r--archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/AbstractSecurityTest.java29
-rw-r--r--archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/ArchivaServletAuthenticatorTest.java35
-rw-r--r--archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/DefaultUserRepositoriesTest.java13
-rw-r--r--archiva-modules/archiva-web/archiva-security/src/test/resources/spring-context.xml61
7 files changed, 104 insertions, 59 deletions
diff --git a/archiva-modules/archiva-web/archiva-security/pom.xml b/archiva-modules/archiva-web/archiva-security/pom.xml
index b8092f9de..510fda073 100644
--- a/archiva-modules/archiva-web/archiva-security/pom.xml
+++ b/archiva-modules/archiva-web/archiva-security/pom.xml
@@ -84,5 +84,10 @@
<artifactId>derby</artifactId>
<scope>test</scope>
</dependency>
+ <dependency>
+ <groupId>com.google.guava</groupId>
+ <artifactId>guava</artifactId>
+ <scope>test</scope>
+ </dependency>
</dependencies>
</project>
diff --git a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaServletAuthenticator.java b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaServletAuthenticator.java
index 6180f75d9..a73c9e4a6 100644
--- a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaServletAuthenticator.java
+++ b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/ArchivaServletAuthenticator.java
@@ -40,7 +40,7 @@ import org.springframework.stereotype.Service;
/**
* @version
- * @plexus.component role="org.apache.maven.archiva.security.ServletAuthenticator" role-hint="default"
+ * plexus.component role="org.apache.maven.archiva.security.ServletAuthenticator" role-hint="default"
*/
@Service("servletAuthenticator")
public class ArchivaServletAuthenticator
@@ -49,7 +49,7 @@ public class ArchivaServletAuthenticator
private Logger log = LoggerFactory.getLogger( ArchivaServletAuthenticator.class );
/**
- * @plexus.requirement
+ * plexus.requirement
*/
@Inject
private SecuritySystem securitySystem;
@@ -119,5 +119,13 @@ public class ArchivaServletAuthenticator
}
+ public SecuritySystem getSecuritySystem()
+ {
+ return securitySystem;
+ }
+ public void setSecuritySystem( SecuritySystem securitySystem )
+ {
+ this.securitySystem = securitySystem;
+ }
}
diff --git a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java
index 36e3d7992..88a28e2ac 100644
--- a/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java
+++ b/archiva-modules/archiva-web/archiva-security/src/main/java/org/apache/maven/archiva/security/DefaultUserRepositories.java
@@ -43,26 +43,26 @@ import javax.inject.Inject;
* DefaultUserRepositories
*
* @version $Id$
- * @plexus.component role="org.apache.maven.archiva.security.UserRepositories" role-hint="default"
+ * plexus.component role="org.apache.maven.archiva.security.UserRepositories" role-hint="default"
*/
@Service("userRepositories")
public class DefaultUserRepositories
implements UserRepositories
{
/**
- * @plexus.requirement
+ * plexus.requirement
*/
@Inject
private SecuritySystem securitySystem;
/**
- * @plexus.requirement role-hint="default"
+ * plexus.requirement role-hint="default"
*/
@Inject
private RoleManager roleManager;
/**
- * @plexus.requirement
+ * plexus.requirement
*/
@Inject
private ArchivaConfiguration archivaConfiguration;
diff --git a/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/AbstractSecurityTest.java b/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/AbstractSecurityTest.java
index 15eba1e26..84d6b8c51 100644
--- a/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/AbstractSecurityTest.java
+++ b/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/AbstractSecurityTest.java
@@ -19,17 +19,23 @@ package org.apache.maven.archiva.security;
* under the License.
*/
+import com.google.common.collect.Lists;
import junit.framework.TestCase;
+import net.sf.ehcache.CacheManager;
import org.apache.commons.io.FileUtils;
import org.apache.maven.archiva.configuration.ArchivaConfiguration;
import org.apache.maven.archiva.configuration.ManagedRepositoryConfiguration;
import org.codehaus.plexus.redback.rbac.RBACManager;
+import org.codehaus.plexus.redback.rbac.RbacObjectNotFoundException;
+import org.codehaus.plexus.redback.rbac.UserAssignment;
import org.codehaus.plexus.redback.role.RoleManager;
import org.codehaus.plexus.redback.system.SecuritySystem;
import org.codehaus.plexus.redback.users.User;
import org.codehaus.plexus.redback.users.UserManager;
import org.junit.Before;
import org.junit.runner.RunWith;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
@@ -47,6 +53,9 @@ import java.io.File;
public abstract class AbstractSecurityTest
extends TestCase
{
+
+ protected Logger log = LoggerFactory.getLogger( getClass() );
+
protected static final String USER_GUEST = "guest";
protected static final String USER_ADMIN = "admin";
@@ -59,7 +68,7 @@ public abstract class AbstractSecurityTest
@Inject
@Named( value = "rBACManager#memory" )
- private RBACManager rbacManager;
+ protected RBACManager rbacManager;
@Inject
protected RoleManager roleManager;
@@ -132,4 +141,22 @@ public abstract class AbstractSecurityTest
User guestUser = createUser( USER_GUEST, "Guest User" );
roleManager.assignRole( ArchivaRoleConstants.TEMPLATE_GUEST, guestUser.getPrincipal().toString() );
}
+
+ protected void restoreGuestInitialValues( String userId )
+ throws Exception
+ {
+ UserAssignment userAssignment = null;
+ try
+ {
+ userAssignment = rbacManager.getUserAssignment( userId );
+ }
+ catch ( RbacObjectNotFoundException e )
+ {
+ log.info( "ignore RbacObjectNotFoundException for id {} during restoreGuestInitialValues", userId );
+ return;
+ }
+ userAssignment.setRoleNames( Lists.newArrayList( "Guest" ) );
+ rbacManager.saveUserAssignment( userAssignment );
+ CacheManager.getInstance().clearAll();
+ }
}
diff --git a/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/ArchivaServletAuthenticatorTest.java b/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/ArchivaServletAuthenticatorTest.java
index 7a0ec20d1..a24bb8228 100644
--- a/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/ArchivaServletAuthenticatorTest.java
+++ b/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/ArchivaServletAuthenticatorTest.java
@@ -19,30 +19,33 @@ package org.apache.maven.archiva.security;
* under the License.
*/
-import javax.inject.Inject;
-import javax.servlet.http.HttpServletRequest;
-
+import com.google.common.collect.Lists;
+import net.sf.ehcache.CacheManager;
import org.codehaus.plexus.redback.authentication.AuthenticationException;
import org.codehaus.plexus.redback.authentication.AuthenticationResult;
import org.codehaus.plexus.redback.authorization.UnauthorizedException;
+import org.codehaus.plexus.redback.rbac.UserAssignment;
import org.codehaus.plexus.redback.system.DefaultSecuritySession;
import org.codehaus.plexus.redback.system.SecuritySession;
import org.codehaus.plexus.redback.users.User;
import org.codehaus.plexus.redback.users.UserManager;
-
import org.easymock.MockControl;
import org.junit.Before;
import org.junit.Test;
+import javax.inject.Inject;
+import javax.inject.Named;
+import javax.servlet.http.HttpServletRequest;
+import java.util.Arrays;
+
/**
* ArchivaServletAuthenticatorTest
- *
- * @version
*/
public class ArchivaServletAuthenticatorTest
extends AbstractSecurityTest
{
@Inject
+ @Named( value = "servletAuthenticator#test" )
private ServletAuthenticator servletAuth;
private MockControl httpServletRequestControl;
@@ -116,6 +119,8 @@ public class ArchivaServletAuthenticatorTest
servletAuth.isAuthorized( request, session, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD );
assertTrue( isAuthorized );
+
+ restoreGuestInitialValues( USER_ALPACA );
}
@Test
@@ -148,6 +153,8 @@ public class ArchivaServletAuthenticatorTest
}
httpServletRequestControl.verify();
+
+ restoreGuestInitialValues( USER_ALPACA );
}
@Test
@@ -168,6 +175,8 @@ public class ArchivaServletAuthenticatorTest
servletAuth.isAuthorized( request, session, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS );
assertTrue( isAuthorized );
+
+ restoreGuestInitialValues( USER_ALPACA );
}
@Test
@@ -191,6 +200,8 @@ public class ArchivaServletAuthenticatorTest
{
assertEquals( "Access denied for repository corporate", e.getMessage() );
}
+
+ restoreGuestInitialValues( USER_ALPACA );
}
@Test
@@ -202,6 +213,10 @@ public class ArchivaServletAuthenticatorTest
servletAuth.isAuthorized( USER_GUEST, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD );
assertTrue( isAuthorized );
+
+ // cleanup previously add karma
+ restoreGuestInitialValues(USER_GUEST);
+
}
@Test
@@ -213,6 +228,10 @@ public class ArchivaServletAuthenticatorTest
boolean isAuthorized =
servletAuth.isAuthorized( USER_GUEST, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_UPLOAD );
assertFalse( isAuthorized );
+
+ // cleanup previously add karma
+ restoreGuestInitialValues(USER_GUEST);
+
}
@Test
@@ -225,6 +244,9 @@ public class ArchivaServletAuthenticatorTest
servletAuth.isAuthorized( USER_GUEST, "corporate", ArchivaRoleConstants.OPERATION_REPOSITORY_ACCESS );
assertTrue( isAuthorized );
+
+ // cleanup previously add karma
+ restoreGuestInitialValues(USER_GUEST);
}
@Test
@@ -236,4 +258,5 @@ public class ArchivaServletAuthenticatorTest
assertFalse( isAuthorized );
}
+
}
diff --git a/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/DefaultUserRepositoriesTest.java b/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/DefaultUserRepositoriesTest.java
index d314e1c37..bc11b9436 100644
--- a/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/DefaultUserRepositoriesTest.java
+++ b/archiva-modules/archiva-web/archiva-security/src/test/java/org/apache/maven/archiva/security/DefaultUserRepositoriesTest.java
@@ -22,6 +22,7 @@ package org.apache.maven.archiva.security;
import java.util.List;
import org.apache.commons.lang.StringUtils;
+import org.junit.Before;
import org.junit.Test;
/**
@@ -31,10 +32,16 @@ import org.junit.Test;
*/
public class DefaultUserRepositoriesTest
extends AbstractSecurityTest
-{
- protected String getPlexusConfigLocation()
+{
+
+
+ @Before
+ public void setUp() throws Exception
{
- return "org/apache/maven/archiva/security/DefaultUserRepositoriesTest.xml";
+ super.setUp();
+ restoreGuestInitialValues( USER_ALPACA );
+ restoreGuestInitialValues( USER_GUEST );
+ restoreGuestInitialValues( USER_ADMIN );
}
@Test
diff --git a/archiva-modules/archiva-web/archiva-security/src/test/resources/spring-context.xml b/archiva-modules/archiva-web/archiva-security/src/test/resources/spring-context.xml
index 30e0cbd56..44e71526c 100644
--- a/archiva-modules/archiva-web/archiva-security/src/test/resources/spring-context.xml
+++ b/archiva-modules/archiva-web/archiva-security/src/test/resources/spring-context.xml
@@ -52,42 +52,33 @@
<bean name="roleManager" class="org.codehaus.plexus.redback.role.DefaultRoleManager">
<property name="rbacManager" ref="rBACManager#memory"/>
+ <property name="modelProcessor" ref="roleModelProcessor"/>
+ <property name="templateProcessor" ref="roleTemplateProcessor#test"/>
</bean>
<bean name="rBACManager#cached" class="org.codehaus.plexus.redback.rbac.cached.CachedRbacManager">
<property name="rbacImpl" ref="rBACManager#memory"/>
</bean>
- <!--
+ <bean name="roleModelProcessor" class="org.codehaus.plexus.redback.role.processor.DefaultRoleModelProcessor">
+ <property name="rbacManager" ref="rBACManager#memory"/>
+ </bean>
+ <alias name="roleModelProcessor" alias="roleModelProcessor#test"/>
- <component>
- <role>org.codehaus.plexus.redback.role.processor.RoleModelProcessor</role>
- <role-hint>default</role-hint>
- <implementation>org.codehaus.plexus.redback.role.processor.DefaultRoleModelProcessor</implementation>
- <description>DefaultRoleModelProcessor: inserts the components of the model that can be populated into the rbac manager</description>
- <requirements>
- <requirement>
- <role>org.codehaus.plexus.redback.rbac.RBACManager</role>
- <role-hint>memory</role-hint>
- <field-name>rbacManager</field-name>
- </requirement>
- </requirements>
- </component>
+ <bean name="roleTemplateProcessor" class="org.codehaus.plexus.redback.role.template.DefaultRoleTemplateProcessor">
+ <property name="rbacManager" ref="rBACManager#memory"/>
+ </bean>
- <component>
- <role>org.codehaus.plexus.redback.role.template.RoleTemplateProcessor</role>
- <role-hint>default</role-hint>
- <implementation>org.codehaus.plexus.redback.role.template.DefaultRoleTemplateProcessor</implementation>
- <description>DefaultRoleTemplateProcessor: inserts the components of a template into the rbac manager</description>
- <requirements>
- <requirement>
- <role>org.codehaus.plexus.redback.rbac.RBACManager</role>
- <role-hint>memory</role-hint>
- <field-name>rbacManager</field-name>
- </requirement>
- </requirements>
- </component>
+ <alias name="roleTemplateProcessor" alias="roleTemplateProcessor#test"/>
+
+ <bean name="servletAuthenticator" class="org.apache.maven.archiva.security.ArchivaServletAuthenticator">
+ <property name="securitySystem" ref="securitySystem#testable"/>
+ </bean>
+
+ <alias name="servletAuthenticator" alias="servletAuthenticator#test"/>
+
+ <!--
<component>
<role>org.apache.maven.archiva.configuration.ArchivaConfiguration</role>
@@ -113,22 +104,6 @@
</component>
- ignored ??
-
- <component>
- <role>org.apache.maven.archiva.security.ServletAuthenticator</role>
- <role-hint>default</role-hint>
- <implementation>org.apache.maven.archiva.security.ArchivaServletAuthenticator</implementation>
- <description>ArchivaServletAuthenticator</description>
- <requirements>
- <requirement>
- <role>org.codehaus.plexus.redback.system.SecuritySystem</role>
- <role-hint>testable</role-hint>
- <field-name>securitySystem</field-name>
- </requirement>
- </requirements>
- </component>
-
partially configured
<component>