directory-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From vte...@apache.org
Subject svn commit: r155029 [2/2] - in incubator/directory/authx/trunk: api/src/java/org/apache/authx/authorization/ example/src/java/org/apache/authx/example/web/ example/src/webapp/WEB-INF/ impl/src/java/org/apache/authx/authorization/ impl/src/java/org/apache/authx/authorization/condition/ impl/src/java/org/apache/authx/authorization/effect/ impl/src/java/org/apache/authx/authorization/predicate/ impl/src/test/org/apache/authx/authorization/ impl/src/test/org/apache/authx/authorization/effect/ script/src/java/org/apache/authx/script/xml/ script/src/java/org/apache/authx/script/xml/builder/ script/src/test/org/apache/authx/script/xml/
Date Wed, 23 Feb 2005 17:14:36 GMT
Added: incubator/directory/authx/trunk/script/src/java/org/apache/authx/script/xml/builder/LogicalConditionBuilder.java
URL: http://svn.apache.org/viewcvs/incubator/directory/authx/trunk/script/src/java/org/apache/authx/script/xml/builder/LogicalConditionBuilder.java?view=auto&rev=155029
==============================================================================
--- incubator/directory/authx/trunk/script/src/java/org/apache/authx/script/xml/builder/LogicalConditionBuilder.java
(added)
+++ incubator/directory/authx/trunk/script/src/java/org/apache/authx/script/xml/builder/LogicalConditionBuilder.java
Wed Feb 23 09:14:19 2005
@@ -0,0 +1,64 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.authx.script.xml.builder;
+
+import org.apache.authx.authorization.Condition;
+import org.dom4j.Element;
+
+import java.util.Iterator;
+
+public abstract class LogicalConditionBuilder extends AbstractElementBuilder
+{
+    protected final String m_elementName;
+
+    protected LogicalConditionBuilder( String elementName )
+    {
+        m_elementName = elementName;
+    }
+
+    public boolean canBuild( Element e )
+    {
+        return hasProperName( e );
+    }
+
+    public Object buildFrom( Element e )
+    {
+        Condition p = getSeed();
+
+        for ( Iterator it = e.elementIterator(); it.hasNext(); )
+        {
+            Element next = ( Element ) it.next();
+            p = compute( p, predicate( next ) );
+        }
+
+        return p;
+    }
+
+    protected abstract Condition getSeed();
+    
+    protected abstract Condition compute( Condition left, Condition right );
+
+    private boolean hasProperName( Element e )
+    {
+        return m_elementName.equals( e.getName() );
+    }
+
+    protected Condition predicate( Element e )
+    {
+        return ( Condition ) getParent().buildFrom( e );
+    }
+}

Propchange: incubator/directory/authx/trunk/script/src/java/org/apache/authx/script/xml/builder/LogicalConditionBuilder.java
------------------------------------------------------------------------------
    svn:executable = *

Added: incubator/directory/authx/trunk/script/src/java/org/apache/authx/script/xml/builder/OrConditionBuilder.java
URL: http://svn.apache.org/viewcvs/incubator/directory/authx/trunk/script/src/java/org/apache/authx/script/xml/builder/OrConditionBuilder.java?view=auto&rev=155029
==============================================================================
--- incubator/directory/authx/trunk/script/src/java/org/apache/authx/script/xml/builder/OrConditionBuilder.java
(added)
+++ incubator/directory/authx/trunk/script/src/java/org/apache/authx/script/xml/builder/OrConditionBuilder.java
Wed Feb 23 09:14:19 2005
@@ -0,0 +1,44 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.authx.script.xml.builder;
+
+import org.apache.authx.authorization.Condition;
+import org.apache.authx.authorization.condition.OrCondition;
+import org.apache.authx.authorization.condition.Predicates;
+
+public class OrConditionBuilder extends LogicalConditionBuilder
+{
+    public OrConditionBuilder()
+    {
+        this( "or" );
+    }
+
+    public OrConditionBuilder( String elementName )
+    {
+        super( elementName );
+    }
+
+    protected Condition getSeed()
+    {
+        return Predicates.FALSE;
+    }
+
+    public Condition compute( Condition left, Condition right )
+    {
+        return new OrCondition( left, right);
+    }
+}

Propchange: incubator/directory/authx/trunk/script/src/java/org/apache/authx/script/xml/builder/OrConditionBuilder.java
------------------------------------------------------------------------------
    svn:executable = *

Added: incubator/directory/authx/trunk/script/src/java/org/apache/authx/script/xml/builder/TrueConditionBuilder.java
URL: http://svn.apache.org/viewcvs/incubator/directory/authx/trunk/script/src/java/org/apache/authx/script/xml/builder/TrueConditionBuilder.java?view=auto&rev=155029
==============================================================================
--- incubator/directory/authx/trunk/script/src/java/org/apache/authx/script/xml/builder/TrueConditionBuilder.java
(added)
+++ incubator/directory/authx/trunk/script/src/java/org/apache/authx/script/xml/builder/TrueConditionBuilder.java
Wed Feb 23 09:14:19 2005
@@ -0,0 +1,45 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.authx.script.xml.builder;
+
+import org.apache.authx.authorization.condition.Predicates;
+import org.dom4j.Element;
+
+public class TrueConditionBuilder extends AbstractElementBuilder
+{
+    private final String m_elementName;
+
+    public TrueConditionBuilder()
+    {
+        this( "any" );
+    }
+
+    public TrueConditionBuilder( String elementName )
+    {
+        m_elementName = elementName;
+    }
+
+    public boolean canBuild( Element e )
+    {
+        return m_elementName.equals( e.getName() );
+    }
+
+    public Object buildFrom( Element e )
+    {
+        return Predicates.TRUE;
+    }
+}

Propchange: incubator/directory/authx/trunk/script/src/java/org/apache/authx/script/xml/builder/TrueConditionBuilder.java
------------------------------------------------------------------------------
    svn:executable = *

Modified: incubator/directory/authx/trunk/script/src/test/org/apache/authx/script/xml/Dom4JRuleSetBuilderTest.java
URL: http://svn.apache.org/viewcvs/incubator/directory/authx/trunk/script/src/test/org/apache/authx/script/xml/Dom4JRuleSetBuilderTest.java?view=diff&r1=155028&r2=155029
==============================================================================
--- incubator/directory/authx/trunk/script/src/test/org/apache/authx/script/xml/Dom4JRuleSetBuilderTest.java
(original)
+++ incubator/directory/authx/trunk/script/src/test/org/apache/authx/script/xml/Dom4JRuleSetBuilderTest.java
Wed Feb 23 09:14:19 2005
@@ -18,16 +18,17 @@
 
 import junit.framework.TestCase;
 import org.apache.authx.authorization.Policy;
-import org.apache.authx.authorization.SimpleAuthorizationRequest;
+import org.apache.authx.authorization.AuthorizationRequest;
 import org.apache.authx.authorization.effect.DenyOverridesEffect;
 import org.apache.authx.authorization.effect.Effects;
 import org.apache.authx.authorization.effect.PermitOverridesEffect;
+import org.apache.authx.authorization.effect.LastApplicableEffect;
 import org.apache.authx.script.testmodel.Groups;
 import org.apache.authx.script.testmodel.Permissions;
 import org.apache.authx.script.testmodel.Roles;
 import org.apache.authx.script.testmodel.Subjects;
 import org.apache.authx.script.testmodel.Usernames;
-import org.apache.authx.script.xml.builder.FalsePredicateBuilder;
+import org.apache.authx.script.xml.builder.FalseConditionBuilder;
 
 import java.io.StringReader;
 
@@ -59,7 +60,9 @@
         Policy policy = new Policy( new DenyOverridesEffect() );
         builder.buildRuleSet( policy );
 
-        assertEquals( Effects.DENY, policy.evaluate( new SimpleAuthorizationRequest( Subjects.anybody(),
Permissions.anything() ) ).reduce() );
+        AuthorizationRequest request = new AuthorizationRequest( Subjects.anybody(), Permissions.anything(),
new LastApplicableEffect() );
+        policy.evaluate( request );
+        assertEquals( Effects.DENY, request.outcome() );
     }
 
     public void testHasBuiltInSupportForRulingOnUsernames() throws Exception
@@ -80,7 +83,9 @@
         Policy policy = new Policy( new PermitOverridesEffect() );
         builder.buildRuleSet( policy );
 
-        assertEquals( Effects.GRANT, policy.evaluate( new SimpleAuthorizationRequest( Subjects.joe(),
Permissions.anything() ) ).reduce() );
+        AuthorizationRequest request = new AuthorizationRequest( Subjects.joe(), Permissions.anything(),
new LastApplicableEffect() );
+        policy.evaluate( request );
+        assertEquals( Effects.GRANT, request.outcome() );
     }
 
     public void testHasBuiltInSupportForRulingOnGroups() throws Exception
@@ -101,7 +106,9 @@
         Policy policy = new Policy( new PermitOverridesEffect() );
         builder.buildRuleSet( policy );
 
-        assertEquals( Effects.GRANT, policy.evaluate( new SimpleAuthorizationRequest( Subjects.with(
Groups.canadians() ), Permissions.anything() ) ).reduce() );
+        AuthorizationRequest request = new AuthorizationRequest( Subjects.with( Groups.canadians()
), Permissions.anything(), new LastApplicableEffect() );
+        policy.evaluate( request );
+        assertEquals( Effects.GRANT, request.outcome() );
     }
 
     public void testHasBuiltInSupportForRulingOnRoles() throws Exception
@@ -122,7 +129,9 @@
         Policy policy = new Policy( new PermitOverridesEffect() );
         builder.buildRuleSet( policy );
 
-        assertEquals( Effects.GRANT, policy.evaluate( new SimpleAuthorizationRequest( Subjects.with(
Roles.developer() ), Permissions.anything() )) .reduce() );
+        AuthorizationRequest request = new AuthorizationRequest( Subjects.with( Roles.developer()
), Permissions.anything(), new LastApplicableEffect() );
+        policy.evaluate( request );
+        assertEquals( Effects.GRANT, request.outcome() );
     }
 
     public void testPredicatesCanBeRegisteredToExtendRuling() throws Exception
@@ -139,12 +148,14 @@
                 "    </grant>\n" +
                 "</policy>";
         Dom4JRuleSetBuilder builder = Dom4JRuleSetBuilder.fromReader( new StringReader( grantToGreenEyes
) );
-        builder.registerBuilder( new HasEyeColorPredicateBuilder() );
+        builder.registerBuilder( new HasEyeColorConditionBuilder() );
 
         Policy policy = new Policy( new PermitOverridesEffect() );
         builder.buildRuleSet( policy );
 
-        assertEquals( Effects.GRANT, policy.evaluate( new SimpleAuthorizationRequest( Subjects.withGreenEyes(),
Permissions.anything() ) ).reduce() );
+        AuthorizationRequest request = new AuthorizationRequest( Subjects.withGreenEyes(),
Permissions.anything(), new LastApplicableEffect() );
+        policy.evaluate( request );
+        assertEquals( Effects.GRANT, request.outcome() );
     }
 
     public void testLastRegisteredBuilderWins() throws Exception
@@ -161,12 +172,14 @@
                 "    </grant>\n" +
                 "</policy>";
         Dom4JRuleSetBuilder builder = Dom4JRuleSetBuilder.fromReader( new StringReader( grantEveryone
) );
-        builder.registerBuilder( new FalsePredicateBuilder( "any" ) );
+        builder.registerBuilder( new FalseConditionBuilder( "any" ) );
 
         Policy policy = new Policy( new PermitOverridesEffect() );
         builder.buildRuleSet( policy );
 
-        assertEquals( Effects.NOT_APPLICABLE, policy.evaluate( new SimpleAuthorizationRequest(
Subjects.anybody(), Permissions.anything() ) ).reduce() );
+        AuthorizationRequest request = new AuthorizationRequest( Subjects.anybody(), Permissions.anything(),
new LastApplicableEffect() );
+        policy.evaluate( request );
+        assertEquals( Effects.NOT_APPLICABLE, request.outcome() );
     }
 
     public void testMultiplePredicatesAreCombinedWithAnOrOperation() throws Exception
@@ -188,9 +201,17 @@
         Policy policy = new Policy( new PermitOverridesEffect() );
         builder.buildRuleSet( policy );
 
-        assertEquals( Effects.GRANT, policy.evaluate( new SimpleAuthorizationRequest( Subjects.with(
Usernames.joe() ), Permissions.anything() ) ).reduce() );
-        assertEquals( Effects.GRANT, policy.evaluate( new SimpleAuthorizationRequest( Subjects.with(
Groups.canadians() ), Permissions.anything() ) ).reduce() );
-        assertEquals( Effects.NOT_APPLICABLE, policy.evaluate( new SimpleAuthorizationRequest(
Subjects.with( Roles.developer() ), Permissions.anything() ) ).reduce() );
+        AuthorizationRequest request = new AuthorizationRequest( Subjects.joe(), Permissions.anything(),
new LastApplicableEffect() );
+        policy.evaluate( request );
+        assertEquals( Effects.GRANT, request.outcome() );
+
+        request = new AuthorizationRequest( Subjects.with( Groups.canadians() ), Permissions.anything(),
new LastApplicableEffect() );
+        policy.evaluate( request );
+        assertEquals( Effects.GRANT, request.outcome() );
+
+        request = new AuthorizationRequest( Subjects.with( Roles.developer() ), Permissions.anything(),
new LastApplicableEffect() );
+        policy.evaluate( request );
+        assertEquals( Effects.NOT_APPLICABLE, request.outcome() );
     }
 
     public void testHasBuiltInSupportForAndOperationOnPredicates() throws Exception
@@ -201,7 +222,6 @@
                 "        <subjects>\n" +
                 "            <and>" +
                 "                <username>joeblow</username>\n" +
-                "                <group>geeks</group>\n" +
                 "                <role>developer</role>\n" +
                 "            </and>" +
                 "        </subjects>\n" +
@@ -215,10 +235,17 @@
         Policy policy = new Policy( new PermitOverridesEffect() );
         builder.buildRuleSet( policy );
 
-        assertEquals( Effects.NOT_APPLICABLE, policy.evaluate( new SimpleAuthorizationRequest(
Subjects.with( Usernames.joe() ), Permissions.anything() ) ).reduce() );
-        assertEquals( Effects.NOT_APPLICABLE, policy.evaluate( new SimpleAuthorizationRequest(
Subjects.with( Groups.geeks() ), Permissions.anything() ) ).reduce() );
-        assertEquals( Effects.NOT_APPLICABLE, policy.evaluate( new SimpleAuthorizationRequest(
Subjects.with( Roles.developer() ), Permissions.anything() ) ).reduce() );
-        assertEquals( Effects.GRANT, policy.evaluate( new SimpleAuthorizationRequest( Subjects.with(
Usernames.joe(), Groups.geeks(), Roles.developer() ), Permissions.anything() ) ).reduce()
);
+        AuthorizationRequest request = new AuthorizationRequest( Subjects.joe(), Permissions.anything(),
new LastApplicableEffect() );
+        policy.evaluate( request );
+        assertEquals( Effects.NOT_APPLICABLE, request.outcome() );
+
+        request = new AuthorizationRequest( Subjects.with( Roles.developer() ), Permissions.anything(),
new LastApplicableEffect() );
+        policy.evaluate( request );
+        assertEquals( Effects.NOT_APPLICABLE, request.outcome() );
+
+        request = new AuthorizationRequest( Subjects.with( Usernames.joe(), Roles.developer()
), Permissions.anything(), new LastApplicableEffect() );
+        policy.evaluate( request );
+        assertEquals( Effects.GRANT, request.outcome() );
     }
 
     public void testHasBuiltInSupportForOrOperationOnPredicates() throws Exception
@@ -242,9 +269,17 @@
         Policy policy = new Policy( new PermitOverridesEffect() );
         builder.buildRuleSet( policy );
 
-        assertEquals( Effects.GRANT, policy.evaluate( new SimpleAuthorizationRequest( Subjects.with(
Usernames.joe() ), Permissions.anything() ) ).reduce() );
-        assertEquals( Effects.GRANT, policy.evaluate( new SimpleAuthorizationRequest( Subjects.with(
Groups.geeks() ), Permissions.anything() ) ).reduce() );
-        assertEquals( Effects.NOT_APPLICABLE, policy.evaluate( new SimpleAuthorizationRequest(
Subjects.with( Roles.developer() ), Permissions.anything() ) ).reduce() );
+        AuthorizationRequest request = new AuthorizationRequest( Subjects.joe(), Permissions.anything(),
new LastApplicableEffect() );
+        policy.evaluate( request );
+        assertEquals( Effects.GRANT, request.outcome() );
+
+        request = new AuthorizationRequest( Subjects.with( Groups.geeks() ), Permissions.anything(),
new LastApplicableEffect() );
+        policy.evaluate( request );
+        assertEquals( Effects.GRANT, request.outcome() );
+
+        request = new AuthorizationRequest( Subjects.with( Roles.developer() ), Permissions.anything(),
new LastApplicableEffect() );
+        policy.evaluate( request );
+        assertEquals( Effects.NOT_APPLICABLE, request.outcome() );
     }
 
     public void testSubjectIsAnAliasForAndOperation() throws Exception
@@ -268,8 +303,16 @@
         Policy policy = new Policy( new PermitOverridesEffect() );
         builder.buildRuleSet( policy );
 
-        assertEquals( Effects.NOT_APPLICABLE, policy.evaluate( new SimpleAuthorizationRequest(
Subjects.with( Usernames.joe() ), Permissions.anything() ) ).reduce() );
-        assertEquals( Effects.NOT_APPLICABLE, policy.evaluate( new SimpleAuthorizationRequest(
Subjects.with( Roles.developer() ), Permissions.anything() ) ).reduce() );
-        assertEquals( Effects.GRANT, policy.evaluate( new SimpleAuthorizationRequest( Subjects.with(
Usernames.joe(), Roles.developer() ), Permissions.anything() ) ).reduce() );
+        AuthorizationRequest request = new AuthorizationRequest( Subjects.joe(), Permissions.anything(),
new LastApplicableEffect() );
+        policy.evaluate( request );
+        assertEquals( Effects.NOT_APPLICABLE, request.outcome() );
+
+        request = new AuthorizationRequest( Subjects.with( Roles.developer() ), Permissions.anything(),
new LastApplicableEffect() );
+        policy.evaluate( request );
+        assertEquals( Effects.NOT_APPLICABLE, request.outcome() );
+
+        request = new AuthorizationRequest( Subjects.with( Usernames.joe(), Roles.developer()
), Permissions.anything(), new LastApplicableEffect() );
+        policy.evaluate( request );
+        assertEquals( Effects.GRANT, request.outcome() );
     }
 }

Added: incubator/directory/authx/trunk/script/src/test/org/apache/authx/script/xml/HasEyeColorConditionBuilder.java
URL: http://svn.apache.org/viewcvs/incubator/directory/authx/trunk/script/src/test/org/apache/authx/script/xml/HasEyeColorConditionBuilder.java?view=auto&rev=155029
==============================================================================
--- incubator/directory/authx/trunk/script/src/test/org/apache/authx/script/xml/HasEyeColorConditionBuilder.java
(added)
+++ incubator/directory/authx/trunk/script/src/test/org/apache/authx/script/xml/HasEyeColorConditionBuilder.java
Wed Feb 23 09:14:19 2005
@@ -0,0 +1,35 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.authx.script.xml;
+
+import org.apache.authx.authorization.condition.HasPrincipalCondition;
+import org.apache.authx.script.testmodel.EyeColorPrincipal;
+import org.apache.authx.script.xml.builder.AbstractElementBuilder;
+import org.dom4j.Element;
+
+public class HasEyeColorConditionBuilder extends AbstractElementBuilder
+{
+    public boolean canBuild( Element e )
+    {
+        return "eye-color".equals( e.getName() );
+    }
+
+    public Object buildFrom( Element e )
+    {
+        return new HasPrincipalCondition( new EyeColorPrincipal( e.getTextTrim() ) );
+    }
+}

Propchange: incubator/directory/authx/trunk/script/src/test/org/apache/authx/script/xml/HasEyeColorConditionBuilder.java
------------------------------------------------------------------------------
    svn:executable = *



Mime
View raw message