archiva-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From och...@apache.org
Subject svn commit: r701791 - /archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/maven/archiva/webdav/RepositoryServletSecurityTest.java
Date Sun, 05 Oct 2008 13:12:16 GMT
Author: oching
Date: Sun Oct  5 06:12:15 2008
New Revision: 701791

URL: http://svn.apache.org/viewvc?rev=701791&view=rev
Log:
update test cases

Modified:
    archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/maven/archiva/webdav/RepositoryServletSecurityTest.java

Modified: archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/maven/archiva/webdav/RepositoryServletSecurityTest.java
URL: http://svn.apache.org/viewvc/archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/maven/archiva/webdav/RepositoryServletSecurityTest.java?rev=701791&r1=701790&r2=701791&view=diff
==============================================================================
--- archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/maven/archiva/webdav/RepositoryServletSecurityTest.java
(original)
+++ archiva/branches/archiva-security-fix/archiva-modules/archiva-web/archiva-webdav/src/test/java/org/apache/maven/archiva/webdav/RepositoryServletSecurityTest.java
Sun Oct  5 06:12:15 2008
@@ -247,16 +247,33 @@
         servlet = (RepositoryServlet) ic.getServlet();
         servlet.setDavSessionProvider( davSessionProvider );
 
+        ArchivaDavResourceFactory archivaDavResourceFactory = (ArchivaDavResourceFactory)
servlet.getResourceFactory();
+        archivaDavResourceFactory.setHttpAuth( httpAuth );
+        archivaDavResourceFactory.setServletAuth( servletAuth );
+
+        servlet.setResourceFactory( archivaDavResourceFactory );
+        
         AuthenticationResult result = new AuthenticationResult();
         httpAuthControl.expectAndReturn( httpAuth.getAuthenticationResult( null, null ),
result );
         servletAuthControl.expectAndThrow( servletAuth.isAuthenticated( null, null ),
                                            new AuthenticationException( "Authentication error"
) );
-        // servletAuthControl.expectAndReturn( servletAuth.isAuthorized( "guest", "internal"
), true );
-
+        servletAuthControl.expectAndReturn( servletAuth.isAuthorized( "guest", "internal"
), true );
+        
+     // ArchivaDavResourceFactory#isAuthorized()
+        SecuritySession session = new DefaultSecuritySession();
+        httpAuthControl.expectAndReturn( httpAuth.getAuthenticationResult( null, null ),
result );
+        httpAuthControl.expectAndReturn( httpAuth.getSecuritySession(), session );
+        servletAuthControl.expectAndThrow( servletAuth.isAuthenticated( null, result ),
+                                           new AuthenticationException( "Authentication error"
) );
+        
+        // check if guest has write access
+        servletAuthControl.expectAndReturn( servletAuth.isAuthorized( "guest", "internal"
), true );
+        
         httpAuthControl.replay();
         servletAuthControl.replay();
 
-        WebResponse response = sc.getResponse( request );
+        //WebResponse response = sc.getResponse( request );
+        servlet.service( ic.getRequest(), ic.getResponse() );
 
         httpAuthControl.verify();
         servletAuthControl.verify();
@@ -460,8 +477,7 @@
         AuthenticationResult result = new AuthenticationResult();
         httpAuthControl.expectAndReturn( httpAuth.getAuthenticationResult( null, null ),
result );
         servletAuthControl.expectAndReturn( servletAuth.isAuthenticated( null, null ), true
);
-        //servletAuthControl.expectAndReturn( servletAuth.isAuthorized( "guest", "internal"
), true );
-
+        
      // ArchivaDavResourceFactory#isAuthorized()
         SecuritySession session = new DefaultSecuritySession();
         httpAuthControl.expectAndReturn( httpAuth.getAuthenticationResult( null, null ),
result );
@@ -474,13 +490,11 @@
 
         WebResponse response = sc.getResponse( request );
         
-        //servlet.service( ic.getRequest(), ic.getResponse() );
-
         httpAuthControl.verify();
         servletAuthControl.verify();
 
-        //assertEquals( HttpServletResponse.SC_OK, response.getResponseCode() );
-        //assertEquals( "Expected file contents", expectedArtifactContents, response.getText()
);
+        assertEquals( HttpServletResponse.SC_OK, response.getResponseCode() );
+        assertEquals( "Expected file contents", expectedArtifactContents, response.getText()
);
     }
 
     // test get with valid user with no read access to repo



Mime
View raw message