001: /******************************************************************************
002: * JBoss, a division of Red Hat *
003: * Copyright 2006, Red Hat Middleware, LLC, and individual *
004: * contributors as indicated by the @authors tag. See the *
005: * copyright.txt in the distribution for a full listing of *
006: * individual contributors. *
007: * *
008: * This is free software; you can redistribute it and/or modify it *
009: * under the terms of the GNU Lesser General Public License as *
010: * published by the Free Software Foundation; either version 2.1 of *
011: * the License, or (at your option) any later version. *
012: * *
013: * This software is distributed in the hope that it will be useful, *
014: * but WITHOUT ANY WARRANTY; without even the implied warranty of *
015: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *
016: * Lesser General Public License for more details. *
017: * *
018: * You should have received a copy of the GNU Lesser General Public *
019: * License along with this software; if not, write to the Free *
020: * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA *
021: * 02110-1301 USA, or see the FSF site: http://www.fsf.org. *
022: ******************************************************************************/package org.jboss.portal.test.cms.security;
023:
024: import junit.framework.TestSuite;
025: import org.jboss.portal.cms.CMSException;
026: import org.jboss.portal.cms.Command;
027: import org.jboss.portal.cms.impl.ContentImpl;
028: import org.jboss.portal.cms.impl.FileImpl;
029: import org.jboss.portal.cms.impl.FolderImpl;
030: import org.jboss.portal.cms.model.Content;
031: import org.jboss.portal.cms.model.File;
032: import org.jboss.portal.cms.model.Folder;
033:
034: import java.util.Date;
035: import java.util.List;
036: import java.util.Locale;
037:
038: /** @author Sohil Shah - sohil.shah@jboss.com - Nov 30, 2006 */
039: public class TestWriteAccess extends SecureCommandTestCase {
040: String rejectPath = "/default/private";
041: String allowedPath = "/default/images";
042: String rootFolderPath = "/";
043:
044: /**
045: *
046: *
047: */
048: public TestWriteAccess() {
049: }
050:
051: /**
052: *
053: *
054: */
055: public static TestSuite suite() throws Exception {
056: return createTestSuite(TestWriteAccess.class);
057: }
058:
059: /** @return */
060: private Folder getNewPublicFolder() {
061: //create folder object
062: Folder folder = new FolderImpl();
063: folder.setCreationDate(new Date());
064: folder.setDescription("Folder Description");
065: folder.setTitle("Folder Title");
066: folder.setLastModified(new Date());
067: folder.setName("Unit Test");
068: folder.setBasePath(this .allowedPath + "/" + folder.getName());
069:
070: return folder;
071: }
072:
073: /** @return */
074: private Folder getNewProtectedFolder() {
075: //create folder object
076: Folder folder = new FolderImpl();
077: folder.setCreationDate(new Date());
078: folder.setDescription("Folder Description");
079: folder.setTitle("Folder Title");
080: folder.setLastModified(new Date());
081: folder.setName("Unit Test");
082: folder.setBasePath(this .rejectPath + "/" + folder.getName());
083:
084: return folder;
085: }
086:
087: /** @return */
088: private Folder getNewRootFolder() {
089: //create folder object
090: Folder folder = new FolderImpl();
091: folder.setCreationDate(new Date());
092: folder.setDescription("Folder Description");
093: folder.setTitle("Folder Title");
094: folder.setLastModified(new Date());
095: folder.setName("Unit Test");
096: folder.setBasePath(this .rootFolderPath + folder.getName());
097:
098: return folder;
099: }
100:
101: /**
102: * @param folder
103: * @return
104: */
105: private File getFile(Folder folder, String fileName, String data) {
106: File file = new FileImpl();
107: file.setBasePath(folder.getBasePath() + "/" + fileName);
108:
109: Content content = new ContentImpl();
110: content.setEncoding("UTF-8");
111: content.setTitle("English Title");
112: content.setDescription("English Description");
113: content.setBasePath(file.getBasePath() + "/"
114: + Locale.ENGLISH.getLanguage());
115: content.setBytes(data.getBytes());
116: content.setMimeType("text/html");
117: file.setContent(Locale.ENGLISH, content);
118:
119: return file;
120: }
121:
122: /**
123: *
124: *
125: */
126: private void runWriteScenario(Folder folder) throws CMSException {
127: //Create a new folder
128: Command newFolder = this .service.getCommandFactory()
129: .createFolderSaveCommand(folder);
130: this .service.execute(newFolder);
131:
132: //Assert the successfull creation of the folder
133: Command get = service.getCommandFactory()
134: .createFolderGetCommand(folder.getBasePath());
135: Folder assertFolder = (Folder) service.execute(get);
136: assertNotNull(assertFolder);
137: assertEquals(folder.getDescription(), assertFolder
138: .getDescription());
139: assertEquals(folder.getName(), assertFolder.getName());
140: assertEquals(folder.getBasePath(), assertFolder.getBasePath());
141:
142: //Create a new file into the newly created folder
143: File file = this .getFile(assertFolder, "testFile.html",
144: "newdata");
145: Command newFile = this .service.getCommandFactory()
146: .createNewFileCommand(file, file.getContent());
147: this .service.execute(newFile);
148:
149: //Assert the creation of the new file
150: get = this .service.getCommandFactory().createFileGetCommand(
151: file.getBasePath(), file.getContent().getLocale());
152: File assertFile = (File) this .service.execute(get);
153: assertNotNull(assertFile);
154: assertEquals(file.getBasePath(), assertFile.getBasePath());
155: assertEquals(new String(file.getContent().getBytes()),
156: new String(assertFile.getContent().getBytes()));
157:
158: //Update the newly created file
159: file = assertFile;
160: file.getContent()
161: .setBytes(new String("updateddata").getBytes());
162: Command updateFile = this .service.getCommandFactory()
163: .createUpdateFileCommand(file, file.getContent(), true);
164: this .service.execute(updateFile);
165:
166: //Assert the updated file
167: get = this .service.getCommandFactory().createFileGetCommand(
168: file.getBasePath(), file.getContent().getLocale());
169: assertFile = (File) this .service.execute(get);
170: assertNotNull(assertFile);
171: assertEquals(file.getBasePath(), assertFile.getBasePath());
172: assertEquals(new String(file.getContent().getBytes()),
173: new String(assertFile.getContent().getBytes()));
174:
175: //Get the versions of the file
176: get = this .service.getCommandFactory()
177: .createContentGetVersionsCommand(
178: file.getContent().getBasePath());
179: List before = (List) this .service.execute(get);
180:
181: //Create a new version of this file
182: file = this .getFile(folder, "testFile.html", "newversion");
183: Command fileUpdate = this .service.getCommandFactory()
184: .createFileUpdateCommand(file);
185: Command createNewVersion = this .service.getCommandFactory()
186: .createContentCreateNewVersionCommand(
187: file.getContent(), true);
188: this .service.execute(fileUpdate);
189: this .service.execute(createNewVersion);
190:
191: //Assert new version creation
192: get = this .service.getCommandFactory().createFileGetCommand(
193: file.getBasePath(), file.getContent().getLocale());
194: assertFile = (File) this .service.execute(get);
195: assertNotNull(assertFile);
196: assertEquals(file.getBasePath(), assertFile.getBasePath());
197: assertEquals(new String(file.getContent().getBytes()),
198: new String(assertFile.getContent().getBytes()));
199:
200: //Assert number of versions after
201: get = this .service.getCommandFactory()
202: .createContentGetVersionsCommand(
203: file.getContent().getBasePath());
204: List after = (List) this .service.execute(get);
205: assertEquals(before.size() + 1, after.size());
206: }
207:
208: /** @throws Exception */
209: public void testAnonymous() throws Exception {
210: // first run against non-access scenario
211: try {
212: this .runWriteScenario(this .getNewProtectedFolder());
213: assertTrue("Access should not have been granted to"
214: + this .rejectPath, false);
215: } catch (CMSException cme) {
216: // assert and make sure access was not granted
217: String cmeMessage = cme.toString();
218: assertTrue(cmeMessage
219: .indexOf("Access to this resource is denied") != -1);
220: }
221:
222: // now run against scenario where access should be granted for a registered user
223: //for anonymous, this should still result in an access denied
224: try {
225: this .runWriteScenario(this .getNewPublicFolder());
226: assertTrue("Access should not have been granted to"
227: + this .rejectPath, false);
228: } catch (CMSException cme) {
229: // assert and make sure access was granted
230: String cmeMessage = cme.toString();
231: assertTrue(cmeMessage
232: .indexOf("Access to this resource is denied") != -1);
233: }
234: }
235:
236: /** @throws Exception */
237: public void testUser() throws Exception {
238: this .runAs("user");
239:
240: // first run against non-access scenario
241: try {
242: this .runWriteScenario(this .getNewProtectedFolder());
243: assertTrue("Access should not have been granted to"
244: + this .rejectPath, false);
245: } catch (CMSException cme) {
246: // assert and make sure access was not granted
247: String cmeMessage = cme.toString();
248: assertTrue(cmeMessage
249: .indexOf("Access to this resource is denied") != -1);
250: }
251:
252: // now run against scenario where access should be granted for a registered user
253: //for anonymous, this should still result in an access denied
254: try {
255: this .runWriteScenario(this .getNewPublicFolder());
256: } catch (CMSException cme) {
257: // assert and make sure access was granted
258: String cmeMessage = cme.toString();
259: assertTrue(cmeMessage
260: .indexOf("Access to this resource is denied") == -1);
261: }
262: }
263:
264: /** @throws Exception */
265: public void testAdmin() throws Exception {
266: this .runAs("admin");
267:
268: // first run against non-access scenario
269: try {
270: this .runWriteScenario(this .getNewProtectedFolder());
271: } catch (CMSException cme) {
272: // assert and make sure access was not granted
273: String cmeMessage = cme.toString();
274: assertTrue(cmeMessage
275: .indexOf("Access to this resource is denied") == -1);
276: }
277:
278: // now run against scenario where access should be granted for a registered user
279: //for anonymous, this should still result in an access denied
280: try {
281: this .runWriteScenario(this .getNewPublicFolder());
282: } catch (CMSException cme) {
283: // assert and make sure access was granted
284: String cmeMessage = cme.toString();
285: assertTrue(cmeMessage
286: .indexOf("Access to this resource is denied") == -1);
287: }
288:
289: //now run against scenario where access should be granted for a registered user
290: //for anonymous, this should still result in an access denied
291: try {
292: this .runWriteScenario(this .getNewRootFolder());
293: } catch (CMSException cme) {
294: // assert and make sure access was granted
295: String cmeMessage = cme.toString();
296: assertTrue(cmeMessage
297: .indexOf("Access to this resource is denied") == -1);
298: }
299: }
300:
301: /** @throws Exception */
302: public void testSysAdmin() throws Exception {
303: this .runAs("sysadmin");
304:
305: // first run against non-access scenario
306: try {
307: this .runWriteScenario(this .getNewProtectedFolder());
308: } catch (CMSException cme) {
309: // assert and make sure access was not granted
310: String cmeMessage = cme.toString();
311: assertTrue(cmeMessage
312: .indexOf("Access to this resource is denied") == -1);
313: }
314:
315: // now run against scenario where access should be granted for a registered user
316: //for anonymous, this should still result in an access denied
317: try {
318: this .runWriteScenario(this .getNewPublicFolder());
319: } catch (CMSException cme) {
320: // assert and make sure access was granted
321: String cmeMessage = cme.toString();
322: assertTrue(cmeMessage
323: .indexOf("Access to this resource is denied") == -1);
324: }
325:
326: //now run against scenario where access should be granted for a registered user
327: //for anonymous, this should still result in an access denied
328: try {
329: this .runWriteScenario(this .getNewRootFolder());
330: } catch (CMSException cme) {
331: // assert and make sure access was granted
332: String cmeMessage = cme.toString();
333: assertTrue(cmeMessage
334: .indexOf("Access to this resource is denied") == -1);
335: }
336: }
337: }
|