You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@directory.apache.org by vt...@apache.org on 2004/03/27 04:33:50 UTC
svn commit: rev 9771 - in incubator/directory/janus/trunk/sandbox/src: java/org/apache/janus/script/xml test/org/apache/janus/script/xml
Author: vtence
Date: Fri Mar 26 19:33:49 2004
New Revision: 9771
Added:
incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/script/xml/Dom4JPolicyContextBuilder.java
incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/script/xml/Dom4JPolicyContextBuilderTest.java
Log:
o Working implementation of DIR-7 in sandbox
Added: incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/script/xml/Dom4JPolicyContextBuilder.java
==============================================================================
--- (empty file)
+++ incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/script/xml/Dom4JPolicyContextBuilder.java Fri Mar 26 19:33:49 2004
@@ -0,0 +1,111 @@
+/*
+ * Copyright 2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.janus.script.xml;
+
+import org.apache.janus.authorization.AccessPermission;
+import org.apache.janus.authorization.policy.MutablePolicyContext;
+import org.dom4j.Document;
+import org.dom4j.DocumentException;
+import org.dom4j.Element;
+import org.dom4j.io.SAXReader;
+
+import java.io.Reader;
+import java.util.Collection;
+import java.util.Iterator;
+
+/**
+ * @author <a href="mailto:directory-dev@incubator.apache.org">Apache Directory Project</a>
+ */
+public class Dom4JPolicyContextBuilder
+{
+ private Document m_doc;
+
+ public Dom4JPolicyContextBuilder( Reader reader ) throws DocumentException
+ {
+ m_doc = readDocument( reader );
+ }
+
+ private Document readDocument( Reader reader ) throws DocumentException
+ {
+ SAXReader xmlReader = new SAXReader();
+ Document doc = xmlReader.read( reader );
+
+ return doc;
+ }
+
+ public void buildPolicyContext(MutablePolicyContext context)
+ {
+ Element root = m_doc.getRootElement();
+ Element denials = root.element( "denials" );
+ addDenials( context, denials );
+ Element grants = root.element( "grants" );
+ addGrants( context, grants);
+ Element roles = root.element( "roles" );
+ addRoles( context, roles);
+ }
+
+ private void addRoles( MutablePolicyContext policy, Element roles )
+ {
+ Collection rolesList = roles.elements( "role" );
+
+ for ( Iterator it = rolesList.iterator(); it.hasNext(); )
+ {
+ final Element element = (Element) it.next();
+ addRole( policy, element );
+ }
+ }
+
+ private void addRole( MutablePolicyContext policy, final Element element )
+ {
+ String roleName = element.attributeValue( "name" );
+ Collection permissions = element.elements( "access" );
+ for ( Iterator iterator = permissions.iterator(); iterator.hasNext(); )
+ {
+ final Element e = (Element) iterator.next();
+ policy.addToRole( roleName, getPermission( e ));
+ }
+ }
+
+ private void addGrants( MutablePolicyContext policy, Element grants )
+ {
+ Collection grantsList = grants.elements( "access" );
+
+ for ( Iterator it = grantsList.iterator(); it.hasNext(); )
+ {
+ final Element element = (Element) it.next();
+ policy.addToUncheckedPolicy( getPermission( element ) );
+ }
+ }
+
+ private AccessPermission getPermission( final Element element )
+ {
+ String resource = element.attributeValue( "resource" );
+ AccessPermission p = new AccessPermission( resource );
+ return p;
+ }
+
+ private void addDenials( MutablePolicyContext policy, Element denials )
+ {
+ Collection denialsList = denials.elements( "access" );
+
+ for ( Iterator it = denialsList.iterator(); it.hasNext(); )
+ {
+ final Element element = (Element) it.next();
+ policy.addToExcludedPolicy( getPermission( element ) );
+ }
+ }
+}
Added: incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/script/xml/Dom4JPolicyContextBuilderTest.java
==============================================================================
--- (empty file)
+++ incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/script/xml/Dom4JPolicyContextBuilderTest.java Fri Mar 26 19:33:49 2004
@@ -0,0 +1,137 @@
+/*
+ * Copyright 2004 The Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ */
+package org.apache.janus.script.xml;
+
+import com.mockobjects.dynamic.C;
+import com.mockobjects.dynamic.Mock;
+import junit.framework.TestCase;
+import org.apache.janus.authorization.AccessPermission;
+import org.apache.janus.authorization.policy.MutablePolicyContext;
+
+import java.io.StringReader;
+
+/**
+ * @author <a href="mailto:directory-dev@incubator.apache.org">Apache Directory Project</a>
+ */
+public class Dom4JPolicyContextBuilderTest extends TestCase
+{
+ private Mock m_mockPolicyContext;
+
+ public static void main( String[] args )
+ {
+ junit.textui.TestRunner.run( Dom4JPolicyContextBuilderTest.class );
+ }
+
+ protected void setUp() throws Exception
+ {
+ m_mockPolicyContext = new Mock( MutablePolicyContext.class );
+ }
+
+ public void testExcludedStatements() throws Exception
+ {
+ Dom4JPolicyContextBuilder builder = new Dom4JPolicyContextBuilder( new StringReader(denialsDefinition()) );
+
+ m_mockPolicyContext.expectAndReturn( "addToExcludedPolicy",
+ C.args( C.eq( new AccessPermission( "/dev") ) ), true );
+ m_mockPolicyContext.expectAndReturn( "addToExcludedPolicy",
+ C.args( C.eq( new AccessPermission( "/proc") ) ), true );
+
+ builder.buildPolicyContext( (MutablePolicyContext) m_mockPolicyContext.proxy() );
+
+ m_mockPolicyContext.verify();
+ }
+
+ private String denialsDefinition()
+ {
+ String content = "<?xml version=\"1.0\"?>\n"
+ + "<policy>\n"
+ + " <denials>\n"
+ + " <access resource=\"/dev\"/>\n"
+ + " <access resource=\"/proc\"/>\n"
+ + " </denials>\n"
+ + " <roles/>\n"
+ + " <grants/>\n"
+ + "</policy>";
+
+ return content;
+ }
+
+ public void testUncheckedStatements() throws Exception
+ {
+ Dom4JPolicyContextBuilder builder = new Dom4JPolicyContextBuilder( new StringReader(grantsDefinition()) );
+
+ m_mockPolicyContext.expectAndReturn( "addToUncheckedPolicy",
+ C.args( C.eq( new AccessPermission( "/tmp") ) ), true );
+ m_mockPolicyContext.expectAndReturn( "addToUncheckedPolicy",
+ C.args( C.eq( new AccessPermission( "/public") ) ), true );
+
+ builder.buildPolicyContext( (MutablePolicyContext) m_mockPolicyContext.proxy() );
+
+ m_mockPolicyContext.verify();
+ }
+
+ private String grantsDefinition()
+ {
+ String content = "<?xml version=\"1.0\"?>\n"
+ + "<policy>\n"
+ + " <denials/>\n"
+ + " <roles/>\n"
+ + " <grants>\n"
+ + " <access resource=\"/tmp\"/>\n"
+ + " <access resource=\"/public\"/>\n"
+ + " </grants>\n"
+ + "</policy>";
+
+ return content;
+ }
+
+ public void testCheckedStatements() throws Exception
+ {
+ Dom4JPolicyContextBuilder builder = new Dom4JPolicyContextBuilder( new StringReader(rolesDefinition()) );
+
+ m_mockPolicyContext.expectAndReturn( "addToRole",
+ C.args( C.eq( "member" ), C.eq( new AccessPermission( "/home") ) ), true );
+ m_mockPolicyContext.expectAndReturn( "addToRole",
+ C.args( C.eq( "member" ), C.eq( new AccessPermission( "/usr") ) ), true );
+ m_mockPolicyContext.expectAndReturn( "addToRole",
+ C.args( C.eq( "guest" ), C.eq( new AccessPermission( "/share") ) ), true );
+
+ builder.buildPolicyContext( (MutablePolicyContext) m_mockPolicyContext.proxy() );
+
+ m_mockPolicyContext.verify();
+ }
+
+ private String rolesDefinition()
+ {
+ String content = "<?xml version=\"1.0\"?>\n"
+ + "<policy>\n"
+ + " <denials/>\n"
+ + " <roles>\n"
+ + " <role name=\"member\">\n"
+ + " <access resource=\"/home\"/>\n"
+ + " <access resource=\"/usr\"/>\n"
+ + " </role>\n"
+ + " <role name=\"guest\">\n"
+ + " <access resource=\"/share\"/>\n"
+ + " </role>\n"
+ + " </roles>\n"
+ + " <grants/>\n"
+ + "</policy>";
+
+ return content;
+ }
+}