mirrors
/
archiva
zrcadlo https://github.com/apache/archiva.git
Sledovat 1
Oblíbit 0
Rozštěpit 0
Zdrojový kód Úkoly 0 Vydání 70 Wiki Aktivita
Procházet zdrojové kódy

remove plexus-spring fix archiva-xmlrpc-security 

git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@1130305 13f79535-47bb-0310-9956-ffa450edef68
tags/archiva-1.4-M1
Olivier Lamy před 13 roky
rodič
df2b9275e9
revize
b9f10d6e9b
4 změnil soubory, kde provedl 151 přidání a 67 odebrání
Rozdělené zobrazení Ukázat statistiku rozdílových dat
  1. 1
    0
      .gitignore
  2. 4
    0
      archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/pom.xml
  3. 86
    67
      archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/java/org/apache/archiva/xmlrpc/security/XmlRpcAuthenticatorTest.java
  4. 60
    0
      archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/resources/spring-context.xml

+ 1
- 0
.gitignore Zobrazit soubor

@@ -1,3 +1,4 @@
target
build
*.iml
derby.log

+ 4
- 0
archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/pom.xml Zobrazit soubor

@@ -80,5 +80,9 @@
<artifactId>slf4j-simple</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.derby</groupId>
<artifactId>derby</artifactId>
</dependency>
</dependencies>
</project>

+ 86
- 67
archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/java/org/apache/archiva/xmlrpc/security/XmlRpcAuthenticatorTest.java Zobrazit soubor

@@ -19,6 +19,7 @@ package org.apache.archiva.xmlrpc.security;
* under the License.
*/
import junit.framework.TestCase;
import org.apache.archiva.web.xmlrpc.security.XmlRpcAuthenticator;
import org.apache.maven.archiva.security.ArchivaRoleConstants;
import org.apache.xmlrpc.XmlRpcRequest;
@@ -28,18 +29,26 @@ import org.codehaus.plexus.redback.system.SecuritySystem;
import org.codehaus.plexus.redback.users.User;
import org.codehaus.plexus.redback.users.UserManager;
import org.codehaus.plexus.redback.users.UserNotFoundException;
import org.codehaus.plexus.spring.PlexusInSpringTestCase;
import org.easymock.MockControl;
import org.easymock.classextension.MockClassControl;
import org.junit.Before;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
import javax.inject.Inject;
import javax.inject.Named;
/**
* XmlRpcAuthenticatorTest
*
*
* @version $Id XmlRpcAuthenticatorTest.java
*/
@RunWith( SpringJUnit4ClassRunner.class )
@ContextConfiguration( locations = { "classpath*:/META-INF/spring-context.xml", "classpath*:/spring-context.xml" } )
public class XmlRpcAuthenticatorTest
//extends AbstractDependencyInjectionSpringContextTests
extends PlexusInSpringTestCase
extends TestCase
{
protected static final String USER_GUEST = "guest";
@@ -49,32 +58,38 @@ public class XmlRpcAuthenticatorTest
private static final String PASSWORD = "password123";
@Inject
@Named( value = "securitySystem#testable" )
protected SecuritySystem securitySystem;
@Inject
@Named( value = "roleManager#testable" )
protected RoleManager roleManager;
private MockControl xmlRpcRequestControl;
private XmlRpcRequest xmlRpcRequest;
private XmlRpcAuthenticator authenticator;
private MockControl configControl;
private XmlRpcHttpRequestConfigImpl config;
private XmlRpcHttpRequestConfigImpl config;
@Before
public void setUp()
throws Exception
{
super.setUp();
securitySystem = (SecuritySystem) lookup( SecuritySystem.class, "testable" );
roleManager = (RoleManager) lookup( RoleManager.class, "default" );
//securitySystem = (SecuritySystem) lookup( SecuritySystem.class, "testable" );
//roleManager = (RoleManager) lookup( RoleManager.class, "default" );
// Some basic asserts.
assertNotNull( securitySystem );
assertNotNull( securitySystem );
assertNotNull( roleManager );
// Setup Admin User.
User adminUser = createUser( USER_ADMIN, "Admin User", null );
roleManager.assignRole( ArchivaRoleConstants.TEMPLATE_SYSTEM_ADMIN, adminUser.getPrincipal().toString() );
@@ -82,112 +97,116 @@ public class XmlRpcAuthenticatorTest
// Setup Guest User.
User guestUser = createUser( USER_GUEST, "Guest User", null );
roleManager.assignRole( ArchivaRoleConstants.TEMPLATE_GUEST, guestUser.getPrincipal().toString() );
configControl = MockClassControl.createControl( XmlRpcHttpRequestConfigImpl.class );
config = ( XmlRpcHttpRequestConfigImpl ) configControl.getMock();
config = (XmlRpcHttpRequestConfigImpl) configControl.getMock();
xmlRpcRequestControl = MockControl.createControl( XmlRpcRequest.class );
xmlRpcRequest = ( XmlRpcRequest ) xmlRpcRequestControl.getMock();
authenticator = new XmlRpcAuthenticator( securitySystem, null );
xmlRpcRequest = (XmlRpcRequest) xmlRpcRequestControl.getMock();
authenticator = new XmlRpcAuthenticator( securitySystem, null );
}
private User createUser( String principal, String fullname, String password )
throws UserNotFoundException
{
UserManager userManager = securitySystem.getUserManager();
User user = userManager.createUser( principal, fullname, principal + "@testable.archiva.apache.org" );
securitySystem.getPolicy().setEnabled( false );
userManager.addUser( user );
securitySystem.getPolicy().setEnabled( true );
user.setPassword( password );
user.setPassword( password );
userManager.updateUser( user );
return user;
}
@Test
public void testIsAuthorizedUserExistsButNotAuthorized()
throws Exception
{
createUser( USER_ALPACA, "Al 'Archiva' Paca", PASSWORD );
UserManager userManager = securitySystem.getUserManager();
try
{
User user = userManager.findUser( USER_ALPACA );
User user = userManager.findUser( USER_ALPACA );
assertEquals( USER_ALPACA, user.getPrincipal() );
}
catch ( UserNotFoundException e )
{
fail( "User should exist in the database." );
fail( "User should exist in the database." );
}
xmlRpcRequestControl.expectAndReturn( xmlRpcRequest.getConfig(), config, 2 );
configControl.expectAndReturn( config.getBasicUserName(), USER_ALPACA );
configControl.expectAndReturn( config.getBasicPassword(), PASSWORD );
xmlRpcRequestControl.expectAndReturn( xmlRpcRequest.getMethodName(),
"AdministrationService.getAllManagedRepositories" );
xmlRpcRequestControl.replay();
configControl.replay();
boolean isAuthorized = authenticator.isAuthorized( xmlRpcRequest );
xmlRpcRequestControl.verify();
configControl.verify();
assertFalse( isAuthorized );
}
@Test
public void testIsAuthorizedUserExistsAndAuthorized()
throws Exception
{
createUser( USER_ALPACA, "Al 'Archiva' Paca", PASSWORD );
UserManager userManager = securitySystem.getUserManager();
try
{
User user = userManager.findUser( USER_ALPACA );
User user = userManager.findUser( USER_ALPACA );
assertEquals( USER_ALPACA, user.getPrincipal() );
}
catch ( UserNotFoundException e )
{
fail( "User should exist in the database." );
fail( "User should exist in the database." );
}
//TODO cannot assign global repo manager role - it says role does not exist :|
//roleManager.assignRole( ArchivaRoleConstants.GLOBAL_REPOSITORY_MANAGER_ROLE, USER_ALPACA );
xmlRpcRequestControl.expectAndReturn( xmlRpcRequest.getConfig(), config, 2 );
configControl.expectAndReturn( config.getBasicUserName(), USER_ALPACA );
configControl.expectAndReturn( config.getBasicPassword(), PASSWORD );
xmlRpcRequestControl.expectAndReturn( xmlRpcRequest.getMethodName(),
"AdministrationService.getAllManagedRepositories" );
xmlRpcRequestControl.replay();
configControl.replay();
@SuppressWarnings("unused")
boolean isAuthorized = authenticator.isAuthorized( xmlRpcRequest );
@SuppressWarnings( "unused" ) boolean isAuthorized = authenticator.isAuthorized( xmlRpcRequest );
// TODO: broken or bad test?
// assertTrue( isAuthorized );
xmlRpcRequestControl.verify();
configControl.verify();
userManager.deleteUser( USER_ALPACA );
}
@Test
public void testIsAuthorizedUserDoesNotExist()
throws Exception
{
{
UserManager userManager = securitySystem.getUserManager();
try
{
@@ -196,26 +215,26 @@ public class XmlRpcAuthenticatorTest
}
catch ( UserNotFoundException e )
{
assertEquals( "Unable to find user 'alpaca'", e.getMessage() );
assertEquals( "Unable to find user 'alpaca'", e.getMessage() );
}
xmlRpcRequestControl.expectAndReturn( xmlRpcRequest.getConfig(), config, 2 );
configControl.expectAndReturn( config.getBasicUserName(), USER_ALPACA );
configControl.expectAndReturn( config.getBasicPassword(), PASSWORD );
xmlRpcRequestControl.expectAndReturn( xmlRpcRequest.getMethodName(),
"AdministrationService.getAllManagedRepositories" );
xmlRpcRequestControl.replay();
configControl.replay();
boolean isAuthorized = authenticator.isAuthorized( xmlRpcRequest );
xmlRpcRequestControl.verify();
configControl.verify();
assertFalse( isAuthorized );
}
}
}

+ 60
- 0
archiva-modules/archiva-web/archiva-xmlrpc/archiva-xmlrpc-security/src/test/resources/spring-context.xml Zobrazit soubor

@@ -0,0 +1,60 @@
<?xml version="1.0"?>

<!--
~ Licensed to the Apache Software Foundation (ASF) under one
~ or more contributor license agreements. See the NOTICE file
~ distributed with this work for additional information
~ regarding copyright ownership. The ASF licenses this file
~ to you under the Apache License, Version 2.0 (the
~ "License"); you may not use this file except in compliance
~ with the License. You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.0.xsd"
default-lazy-init="true">

<bean name="securitySystem#testable" class="org.codehaus.plexus.redback.system.DefaultSecuritySystem">
<property name="authnManager" ref="authenticationManager"/>
<property name="userManager" ref="userManager#memory"/>
<property name="keyManager" ref="keyManager#memory"/>
<property name="authorizer" ref="authorizer#rbac"/>
</bean>

<bean name="authorizer#rbac" class="org.codehaus.plexus.redback.authorization.rbac.RbacAuthorizer">
<property name="manager" ref="rBACManager#memory"/>
<property name="userManager" ref="userManager#memory"/>
<property name="evaluator" ref="permissionEvaluator"/>
</bean>

<bean name="permissionEvaluator" class="org.codehaus.plexus.redback.authorization.rbac.evaluator.DefaultPermissionEvaluator">
<property name="userManager" ref="userManager#memory"/>
</bean>

<bean name="roleManager" class="org.codehaus.plexus.redback.role.DefaultRoleManager">
<property name="rbacManager" ref="rBACManager#memory"/>
</bean>
<alias name="roleManager" alias="roleManager#testable"/>

<bean name="roleModelProcessor" class="org.codehaus.plexus.redback.role.processor.DefaultRoleModelProcessor">
<property name="rbacManager" ref="rBACManager#memory"/>
</bean>

<bean name="roleTemplateProcessor" class="org.codehaus.plexus.redback.role.template.DefaultRoleTemplateProcessor">
<property name="rbacManager" ref="rBACManager#memory"/>
</bean>

</beans>

Zapsat Náhled
Načítá se…
Zrušit
Uložit