directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From vte...@apache.org
Subject svn commit: rev 9771 - in incubator/directory/janus/trunk/sandbox/src: java/org/apache/janus/script/xml test/org/apache/janus/script/xml
Date Sat, 27 Mar 2004 03:33:50 GMT
Author: vtence
Date: Fri Mar 26 19:33:49 2004
New Revision: 9771

Added:
   incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/script/xml/Dom4JPolicyContextBuilder.java
   incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/script/xml/Dom4JPolicyContextBuilderTest.java
Log:
o Working implementation of DIR-7 in sandbox

Added: incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/script/xml/Dom4JPolicyContextBuilder.java
==============================================================================
--- (empty file)
+++ incubator/directory/janus/trunk/sandbox/src/java/org/apache/janus/script/xml/Dom4JPolicyContextBuilder.java
Fri Mar 26 19:33:49 2004
@@ -0,0 +1,111 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.janus.script.xml;
+
+import org.apache.janus.authorization.AccessPermission;
+import org.apache.janus.authorization.policy.MutablePolicyContext;
+import org.dom4j.Document;
+import org.dom4j.DocumentException;
+import org.dom4j.Element;
+import org.dom4j.io.SAXReader;
+
+import java.io.Reader;
+import java.util.Collection;
+import java.util.Iterator;
+
+/**
+ * @author <a href="mailto:directory-dev@incubator.apache.org">Apache Directory Project</a>
+ */
+public class Dom4JPolicyContextBuilder
+{
+    private Document m_doc;
+
+    public Dom4JPolicyContextBuilder( Reader reader ) throws DocumentException
+    {
+        m_doc = readDocument( reader );
+    }
+
+    private Document readDocument( Reader reader ) throws DocumentException
+    {
+        SAXReader xmlReader = new SAXReader();
+        Document doc = xmlReader.read( reader );
+
+        return doc;
+    }
+
+    public void buildPolicyContext(MutablePolicyContext context)
+    {
+        Element root = m_doc.getRootElement();
+        Element denials = root.element( "denials" );
+        addDenials( context, denials );
+        Element grants = root.element( "grants" );
+        addGrants( context, grants);
+        Element roles = root.element( "roles" );
+        addRoles( context, roles);
+    }
+
+    private void addRoles( MutablePolicyContext policy, Element roles )
+    {
+        Collection rolesList = roles.elements( "role" );
+
+        for ( Iterator it = rolesList.iterator(); it.hasNext(); )
+        {
+            final Element element = (Element) it.next();
+            addRole( policy, element );
+        }
+    }
+
+    private void addRole( MutablePolicyContext policy, final Element element )
+    {
+        String roleName = element.attributeValue( "name" );
+        Collection permissions = element.elements( "access" );
+        for ( Iterator iterator = permissions.iterator(); iterator.hasNext(); )
+        {
+            final Element e = (Element) iterator.next();
+            policy.addToRole( roleName, getPermission( e ));
+        }
+    }
+
+    private void addGrants( MutablePolicyContext policy, Element grants )
+    {
+        Collection grantsList = grants.elements( "access" );
+
+        for ( Iterator it = grantsList.iterator(); it.hasNext(); )
+        {
+            final Element element = (Element) it.next();
+            policy.addToUncheckedPolicy( getPermission( element ) );
+        }
+    }
+
+    private AccessPermission getPermission( final Element element )
+    {
+        String resource = element.attributeValue( "resource" );
+        AccessPermission p = new AccessPermission( resource );
+        return p;
+    }
+
+    private void addDenials( MutablePolicyContext policy, Element denials )
+    {
+        Collection denialsList = denials.elements( "access" );
+
+        for ( Iterator it = denialsList.iterator(); it.hasNext(); )
+        {
+            final Element element = (Element) it.next();
+            policy.addToExcludedPolicy( getPermission( element ) );
+        }
+    }
+}

Added: incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/script/xml/Dom4JPolicyContextBuilderTest.java
==============================================================================
--- (empty file)
+++ incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/script/xml/Dom4JPolicyContextBuilderTest.java
Fri Mar 26 19:33:49 2004
@@ -0,0 +1,137 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.janus.script.xml;
+
+import com.mockobjects.dynamic.C;
+import com.mockobjects.dynamic.Mock;
+import junit.framework.TestCase;
+import org.apache.janus.authorization.AccessPermission;
+import org.apache.janus.authorization.policy.MutablePolicyContext;
+
+import java.io.StringReader;
+
+/**
+ * @author <a href="mailto:directory-dev@incubator.apache.org">Apache Directory Project</a>
+ */
+public class Dom4JPolicyContextBuilderTest extends TestCase
+{
+    private Mock m_mockPolicyContext;
+
+    public static void main( String[] args )
+    {
+        junit.textui.TestRunner.run( Dom4JPolicyContextBuilderTest.class );
+    }
+
+    protected void setUp() throws Exception
+    {
+        m_mockPolicyContext = new Mock( MutablePolicyContext.class );
+    }
+
+    public void testExcludedStatements() throws Exception
+    {
+        Dom4JPolicyContextBuilder builder = new Dom4JPolicyContextBuilder( new StringReader(denialsDefinition())
);
+
+        m_mockPolicyContext.expectAndReturn( "addToExcludedPolicy",
+                C.args( C.eq( new AccessPermission( "/dev") ) ), true );
+        m_mockPolicyContext.expectAndReturn( "addToExcludedPolicy",
+                C.args( C.eq( new AccessPermission( "/proc") ) ), true );
+
+        builder.buildPolicyContext( (MutablePolicyContext) m_mockPolicyContext.proxy() );
+
+        m_mockPolicyContext.verify();
+    }
+
+    private String denialsDefinition()
+    {
+        String content = "<?xml version=\"1.0\"?>\n"
+                         + "<policy>\n"
+                         + "    <denials>\n"
+                         + "        <access resource=\"/dev\"/>\n"
+                         + "        <access resource=\"/proc\"/>\n"
+                         + "    </denials>\n"
+                         + "    <roles/>\n"
+                         + "    <grants/>\n"
+                         + "</policy>";
+
+        return content;
+    }
+
+    public void testUncheckedStatements() throws Exception
+    {
+        Dom4JPolicyContextBuilder builder = new Dom4JPolicyContextBuilder( new StringReader(grantsDefinition())
);
+
+        m_mockPolicyContext.expectAndReturn( "addToUncheckedPolicy",
+                C.args( C.eq( new AccessPermission( "/tmp") ) ), true );
+        m_mockPolicyContext.expectAndReturn( "addToUncheckedPolicy",
+                C.args( C.eq( new AccessPermission( "/public") ) ), true );
+
+        builder.buildPolicyContext( (MutablePolicyContext) m_mockPolicyContext.proxy() );
+
+        m_mockPolicyContext.verify();
+    }
+
+    private String grantsDefinition()
+    {
+        String content = "<?xml version=\"1.0\"?>\n"
+                         + "<policy>\n"
+                         + "    <denials/>\n"
+                         + "    <roles/>\n"
+                         + "    <grants>\n"
+                         + "        <access resource=\"/tmp\"/>\n"
+                         + "        <access resource=\"/public\"/>\n"
+                         + "    </grants>\n"
+                         + "</policy>";
+
+        return content;
+    }
+
+    public void testCheckedStatements() throws Exception
+    {
+        Dom4JPolicyContextBuilder builder = new Dom4JPolicyContextBuilder( new StringReader(rolesDefinition())
);
+
+        m_mockPolicyContext.expectAndReturn( "addToRole",
+                C.args( C.eq( "member" ), C.eq( new AccessPermission( "/home") ) ), true
);
+        m_mockPolicyContext.expectAndReturn( "addToRole",
+                C.args( C.eq( "member" ), C.eq( new AccessPermission( "/usr") ) ), true );
+        m_mockPolicyContext.expectAndReturn( "addToRole",
+                C.args( C.eq( "guest" ), C.eq( new AccessPermission( "/share") ) ), true
);
+
+        builder.buildPolicyContext( (MutablePolicyContext) m_mockPolicyContext.proxy() );
+
+        m_mockPolicyContext.verify();
+    }
+
+    private String rolesDefinition()
+    {
+        String content = "<?xml version=\"1.0\"?>\n"
+                         + "<policy>\n"
+                         + "    <denials/>\n"
+                         + "    <roles>\n"
+                         + "        <role name=\"member\">\n"
+                         + "            <access resource=\"/home\"/>\n"
+                         + "            <access resource=\"/usr\"/>\n"
+                         + "        </role>\n"
+                         + "        <role name=\"guest\">\n"
+                         + "            <access resource=\"/share\"/>\n"
+                         + "        </role>\n"
+                         + "    </roles>\n"
+                         + "    <grants/>\n"
+                         + "</policy>";
+
+        return content;
+    }
+}

Mime
View raw message