directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From vte...@apache.org
Subject svn commit: rev 57046 - incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/authorization
Date Tue, 09 Nov 2004 14:54:59 GMT
Author: vtence
Date: Tue Nov  9 06:54:59 2004
New Revision: 57046

Modified:
   incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/authorization/DefaultRuleTest.java
Log:
Simple rule implementation - enough for demonstration purposes and simple use cases

Modified: incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/authorization/DefaultRuleTest.java
==============================================================================
--- incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/authorization/DefaultRuleTest.java
(original)
+++ incubator/directory/janus/trunk/sandbox/src/test/org/apache/janus/authorization/DefaultRuleTest.java
Tue Nov  9 06:54:59 2004
@@ -18,10 +18,10 @@
 
 import org.apache.janus.authentication.realm.UsernamePrincipal;
 import org.apache.janus.authorization.effect.Effects;
-import org.apache.janus.authorization.effect.GrantEffect;
-import org.apache.janus.authorization.effect.NotApplicableEffect;
 import org.apache.janus.authorization.predicate.FalsePredicate;
 import org.apache.janus.authorization.predicate.HasPrincipalPredicate;
+import org.apache.janus.authorization.predicate.ImpliedPermissionPredicate;
+import org.apache.janus.authorization.predicate.TruePredicate;
 import org.jmock.MockObjectTestCase;
 
 import javax.security.auth.Subject;
@@ -38,33 +38,31 @@
         junit.textui.TestRunner.run( DefaultRuleTest.class );
     }
 
-    // Example rule:
-    // Doctor in group A with username starting with A-N is granted access to folder "patients"
-
-    // Doctor who is in charge of patient can access files of patient
-
-    /**
-     * TODO:
-     * -- valid condition on subject -> effect
-     * -- invalid condition on subject -> not applicable
-     * indeterminate condition on subject -> indeterminate
-     * valid condition on resource -> effect
-     * invalid condition on resource -> not applicable
-     * indeterminate condition on resource -> indeterminate
-     */
+    protected void setUp() throws Exception
+    {
+        m_rule = new DefaultRule();
+    }
 
-    public void testValidConditionOnSubject()
+    public void testEvaluatesToRuleEffectIfTargetVerifiesCondition()
     {
-        m_rule = new DefaultRule( Effects.GRANT );
-        m_rule.setSubjectCondition( new HasPrincipalPredicate( new UsernamePrincipal( "johnDoe"
) ) );
-        assertTrue( m_rule.evaluate( john() ) instanceof GrantEffect );
+        m_rule.setEffect( Effects.DENY );
+        m_rule.matchSubjects( new HasPrincipalPredicate( new UsernamePrincipal( "johnDoe"
) ) );
+        m_rule.matchPermissions( new ImpliedPermissionPredicate( new SomePermission() ) );
+        assertEquals( Effects.DENY, m_rule.evaluate( john(), new SomePermission() ) );
     }
 
     public void testIsNotApplicableIfSubjectConditionIsNotVerified()
     {
-        m_rule = new DefaultRule( Effects.GRANT );
-        m_rule.setSubjectCondition( new FalsePredicate() );
-        assertTrue( m_rule.evaluate( john() ) instanceof NotApplicableEffect );
+        m_rule.matchSubjects( new FalsePredicate() );
+        m_rule.matchPermissions( new TruePredicate() );
+        assertEquals( Effects.NOT_APPLICABLE, m_rule.evaluate( john(), new SomePermission()
) );
+    }
+
+    public void testIsNotApplicableIfPermissionConditionIsNotVerified()
+    {
+        m_rule.matchSubjects( new TruePredicate() );
+        m_rule.matchPermissions( new FalsePredicate() );
+        assertEquals( Effects.NOT_APPLICABLE, m_rule.evaluate( john(), new SomePermission()
) );
     }
 
     private Subject john()

Mime
View raw message