001: /******************************************************************************
002: * JBoss, a division of Red Hat *
003: * Copyright 2006, Red Hat Middleware, LLC, and individual *
004: * contributors as indicated by the @authors tag. See the *
005: * copyright.txt in the distribution for a full listing of *
006: * individual contributors. *
007: * *
008: * This is free software; you can redistribute it and/or modify it *
009: * under the terms of the GNU Lesser General Public License as *
010: * published by the Free Software Foundation; either version 2.1 of *
011: * the License, or (at your option) any later version. *
012: * *
013: * This software is distributed in the hope that it will be useful, *
014: * but WITHOUT ANY WARRANTY; without even the implied warranty of *
015: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
016: * Lesser General Public License for more details. *
017: * *
018: * You should have received a copy of the GNU Lesser General Public *
019: * License along with this software; if not, write to the Free *
020: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
021: * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
022: ******************************************************************************/package org.jboss.portal.test.cms.security;
023:
024: import junit.framework.TestSuite;
025: import org.jboss.portal.cms.CMSException;
026: import org.jboss.portal.cms.Command;
027: import org.jboss.portal.cms.model.File;
028: import org.jboss.portal.cms.model.Folder;
029:
030: import java.util.List;
031: import java.util.Locale;
032:
033: /** @author Sohil Shah - sohil.shah@jboss.com - Nov 30, 2006 */
034: public class TestReadAccess extends SecureCommandTestCase {
035: String rejectFolderPath = "/default/private";
036: String allowedFolderPath = "/default/images";
037: String rejectFilePath = "/default/private/license.html";
038: String allowedFilePath = "/default/images/check.gif";
039:
040: /**
041: *
042: *
043: */
044: public TestReadAccess() {
045: }
046:
047: /**
048: *
049: *
050: */
051: public static TestSuite suite() throws Exception {
052: return createTestSuite(TestReadAccess.class);
053: }
054:
055: /**
056: *
057: *
058: */
059: private void runFileScenario(String filePath) throws CMSException {
060: //Get the specified file
061: Command get = this .service.getCommandFactory()
062: .createFileGetCommand(filePath,
063: new Locale(this .service.getDefaultLocale()));
064: File file = (File) this .service.execute(get);
065: assertNotNull(file);
066: assertEquals(file.getBasePath(), filePath);
067:
068: //Get a list of file versions
069: get = this .service.getCommandFactory()
070: .createFileGetListCommand(filePath);
071: List versions = (List) this .service.execute(get);
072: assertNotNull(versions);
073: assertTrue(versions.size() > 0);
074: }
075:
076: /**
077: * @param folderPath
078: * @throws CMSException
079: */
080: private void runFolderScenario(String folderPath)
081: throws CMSException {
082: //Get the specified folder
083: Command get = this .service.getCommandFactory()
084: .createFolderGetCommand(folderPath);
085: Folder folder = (Folder) this .service.execute(get);
086: assertNotNull(folder);
087: assertEquals(folder.getBasePath(), folderPath);
088:
089: //Get the specified folder list
090: get = this .service.getCommandFactory()
091: .createFolderGetListCommand(folderPath);
092: Folder folderList = (Folder) this .service.execute(get);
093: assertNotNull(folderList);
094: assertTrue(folderList.getFolders() != null
095: || folderList.getFiles() != null);
096: }
097:
098: /** @throws Exception */
099: public void testAnonymous() throws Exception {
100: try {
101: this .runFileScenario(this .rejectFilePath);
102: assertTrue("Access should not have been granted to"
103: + this .rejectFilePath, false);
104: } catch (CMSException cme) {
105: // assert and make sure access was not granted
106: String cmeMessage = cme.toString();
107: assertTrue(cmeMessage
108: .indexOf("Access to this resource is denied") != -1);
109: }
110:
111: try {
112: this .runFolderScenario(this .rejectFolderPath);
113: assertTrue("Access should not have been granted to"
114: + this .rejectFolderPath, false);
115: } catch (CMSException cme) {
116: // assert and make sure access was not granted
117: String cmeMessage = cme.toString();
118: assertTrue(cmeMessage
119: .indexOf("Access to this resource is denied") != -1);
120: }
121:
122: try {
123: this .runFileScenario(this .allowedFilePath);
124: } catch (CMSException cme) {
125: // assert and make sure access was not granted
126: String cmeMessage = cme.toString();
127: assertTrue(cmeMessage
128: .indexOf("Access to this resource is denied") == -1);
129: }
130:
131: try {
132: this .runFolderScenario(this .allowedFolderPath);
133: } catch (CMSException cme) {
134: // assert and make sure access was not granted
135: String cmeMessage = cme.toString();
136: assertTrue(cmeMessage
137: .indexOf("Access to this resource is denied") == -1);
138: }
139: }
140:
141: /** @throws Exception */
142: public void testUser() throws Exception {
143: this .runAs("user");
144:
145: try {
146: this .runFileScenario(this .rejectFilePath);
147: assertTrue("Access should not have been granted to"
148: + this .rejectFilePath, false);
149: } catch (CMSException cme) {
150: // assert and make sure access was not granted
151: String cmeMessage = cme.toString();
152: assertTrue(cmeMessage
153: .indexOf("Access to this resource is denied") != -1);
154: }
155:
156: try {
157: this .runFolderScenario(this .rejectFolderPath);
158: assertTrue("Access should not have been granted to"
159: + this .rejectFolderPath, false);
160: } catch (CMSException cme) {
161: // assert and make sure access was not granted
162: String cmeMessage = cme.toString();
163: assertTrue(cmeMessage
164: .indexOf("Access to this resource is denied") != -1);
165: }
166:
167: try {
168: this .runFileScenario(this .allowedFilePath);
169: } catch (CMSException cme) {
170: // assert and make sure access was not granted
171: String cmeMessage = cme.toString();
172: assertTrue(cmeMessage
173: .indexOf("Access to this resource is denied") == -1);
174: }
175:
176: try {
177: this .runFolderScenario(this .allowedFolderPath);
178: } catch (CMSException cme) {
179: // assert and make sure access was not granted
180: String cmeMessage = cme.toString();
181: assertTrue(cmeMessage
182: .indexOf("Access to this resource is denied") == -1);
183: }
184: }
185:
186: /** @throws Exception */
187: public void testAdmin() throws Exception {
188: this .runAs("admin");
189:
190: try {
191: this .runFileScenario(this .rejectFilePath);
192: } catch (CMSException cme) {
193: // assert and make sure access was not granted
194: String cmeMessage = cme.toString();
195: assertTrue(cmeMessage
196: .indexOf("Access to this resource is denied") == -1);
197: }
198:
199: try {
200: this .runFolderScenario(this .rejectFolderPath);
201: } catch (CMSException cme) {
202: // assert and make sure access was not granted
203: String cmeMessage = cme.toString();
204: assertTrue(cmeMessage
205: .indexOf("Access to this resource is denied") == -1);
206: }
207:
208: try {
209: this .runFileScenario(this .allowedFilePath);
210: } catch (CMSException cme) {
211: // assert and make sure access was not granted
212: String cmeMessage = cme.toString();
213: assertTrue(cmeMessage
214: .indexOf("Access to this resource is denied") == -1);
215: }
216:
217: try {
218: this .runFolderScenario(this .allowedFolderPath);
219: } catch (CMSException cme) {
220: // assert and make sure access was not granted
221: String cmeMessage = cme.toString();
222: assertTrue(cmeMessage
223: .indexOf("Access to this resource is denied") == -1);
224: }
225: }
226: }
|