You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by vt...@apache.org on 2004/11/09 15:54:59 UTC
svn commit: rev 57046 - incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/authorization
Author: vtence
Date: Tue Nov 9 06:54:59 2004
New Revision: 57046
Modified:
incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/authorization/DefaultRuleTest.java
Log:
Simple rule implementation - enough for demonstration purposes and simple use cases
Modified: incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/authorization/DefaultRuleTest.java
==============================================================================
--- incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/authorization/DefaultRuleTest.java (original)
+++ incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/authorization/DefaultRuleTest.java Tue Nov 9 06:54:59 2004
@@ -18,10 +18,10 @@
import org.apache.janus.authentication.realm.UsernamePrincipal;
import org.apache.janus.authorization.effect.Effects;
-import org.apache.janus.authorization.effect.GrantEffect;
-import org.apache.janus.authorization.effect.NotApplicableEffect;
import org.apache.janus.authorization.predicate.FalsePredicate;
import org.apache.janus.authorization.predicate.HasPrincipalPredicate;
+import org.apache.janus.authorization.predicate.ImpliedPermissionPredicate;
+import org.apache.janus.authorization.predicate.TruePredicate;
import org.jmock.MockObjectTestCase;
import javax.security.auth.Subject;
@@ -38,33 +38,31 @@
junit.textui.TestRunner.run( DefaultRuleTest.class );
}
- // Example rule:
- // Doctor in group A with username starting with A-N is granted access to folder "patients"
-
- // Doctor who is in charge of patient can access files of patient
-
- /**
- * TODO:
- * -- valid condition on subject -> effect
- * -- invalid condition on subject -> not applicable
- * indeterminate condition on subject -> indeterminate
- * valid condition on resource -> effect
- * invalid condition on resource -> not applicable
- * indeterminate condition on resource -> indeterminate
- */
+ protected void setUp() throws Exception
+ {
+ m_rule = new DefaultRule();
+ }
- public void testValidConditionOnSubject()
+ public void testEvaluatesToRuleEffectIfTargetVerifiesCondition()
{
- m_rule = new DefaultRule( Effects.GRANT );
- m_rule.setSubjectCondition( new HasPrincipalPredicate( new UsernamePrincipal( "johnDoe" ) ) );
- assertTrue( m_rule.evaluate( john() ) instanceof GrantEffect );
+ m_rule.setEffect( Effects.DENY );
+ m_rule.matchSubjects( new HasPrincipalPredicate( new UsernamePrincipal( "johnDoe" ) ) );
+ m_rule.matchPermissions( new ImpliedPermissionPredicate( new SomePermission() ) );
+ assertEquals( Effects.DENY, m_rule.evaluate( john(), new SomePermission() ) );
}
public void testIsNotApplicableIfSubjectConditionIsNotVerified()
{
- m_rule = new DefaultRule( Effects.GRANT );
- m_rule.setSubjectCondition( new FalsePredicate() );
- assertTrue( m_rule.evaluate( john() ) instanceof NotApplicableEffect );
+ m_rule.matchSubjects( new FalsePredicate() );
+ m_rule.matchPermissions( new TruePredicate() );
+ assertEquals( Effects.NOT_APPLICABLE, m_rule.evaluate( john(), new SomePermission() ) );
+ }
+
+ public void testIsNotApplicableIfPermissionConditionIsNotVerified()
+ {
+ m_rule.matchSubjects( new TruePredicate() );
+ m_rule.matchPermissions( new FalsePredicate() );
+ assertEquals( Effects.NOT_APPLICABLE, m_rule.evaluate( john(), new SomePermission() ) );
}
private Subject john()