Return-Path: 
 <directory-cvs-return-3743-apmail-incubator-directory-cvs-archive=incubator.apache.org@incubator.apache.org>
Delivered-To: apmail-incubator-directory-cvs-archive@www.apache.org
Received: (qmail 29856 invoked from network); 18 Feb 2005 21:48:41 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199)
  by minotaur-2.apache.org with SMTP; 18 Feb 2005 21:48:41 -0000
Received: (qmail 46468 invoked by uid 500); 18 Feb 2005 21:48:41 -0000
Delivered-To: apmail-incubator-directory-cvs-archive@incubator.apache.org
Received: (qmail 46417 invoked by uid 500); 18 Feb 2005 21:48:41 -0000
Mailing-List: contact directory-cvs-help@incubator.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:directory-cvs-help@incubator.apache.org>
List-Unsubscribe: <mailto:directory-cvs-unsubscribe@incubator.apache.org>
List-Post: <mailto:directory-cvs@incubator.apache.org>
List-Id: <directory-cvs.incubator.apache.org>
Reply-To: directory-dev@incubator.apache.org
Delivered-To: mailing list directory-cvs@incubator.apache.org
Received: (qmail 46404 invoked by uid 99); 18 Feb 2005 21:48:40 -0000
X-ASF-Spam-Status: No, hits=-9.8 required=10.0
	tests=ALL_TRUSTED,NO_REAL_NAME
X-Spam-Check-By: apache.org
Received: from minotaur.apache.org (HELO minotaur.apache.org)
 (209.237.227.194)
  by apache.org (qpsmtpd/0.28) with SMTP; Fri, 18 Feb 2005 13:48:40 -0800
Received: (qmail 29835 invoked by uid 65534); 18 Feb 2005 21:48:38 -0000
Message-ID: <20050218214838.29832.qmail@minotaur.apache.org>
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-Mailer: svnmailer-1.0.0-dev
Date: Fri, 18 Feb 2005 21:48:38 -0000
Subject: svn commit: r154356 - in incubator/directory/authx/trunk:
 api/src/java/org/apache/authx/authorization/
 impl/src/java/org/apache/authx/authorization/
 impl/src/test/org/apache/authx/authorization/
 script/src/test/org/apache/authx/script/xml/
To: directory-cvs@incubator.apache.org
From: vtence@apache.org
X-Virus-Checked: Checked
X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N

Author: vtence
Date: Fri Feb 18 13:48:35 2005
New Revision: 154356

URL: http://svn.apache.org/viewcvs?view=3Drev&rev=3D154356
Log:
Introduced the concept of AuthorizationRequest

Added:
    incubator/directory/authx/trunk/api/src/java/org/apache/authx/authoriza=
tion/AuthorizationRequest.java   (with props)
    incubator/directory/authx/trunk/api/src/java/org/apache/authx/authoriza=
tion/Predicate.java
    incubator/directory/authx/trunk/impl/src/java/org/apache/authx/authoriz=
ation/DefaultAuthorizationRequest.java   (with props)
Removed:
    incubator/directory/authx/trunk/impl/src/java/org/apache/authx/authoriz=
ation/Predicate.java
Modified:
    incubator/directory/authx/trunk/api/src/java/org/apache/authx/authoriza=
tion/Authorizer.java
    incubator/directory/authx/trunk/api/src/java/org/apache/authx/authoriza=
tion/Rule.java
    incubator/directory/authx/trunk/impl/src/java/org/apache/authx/authoriz=
ation/DefaultAuthorizer.java
    incubator/directory/authx/trunk/impl/src/java/org/apache/authx/authoriz=
ation/DefaultRule.java
    incubator/directory/authx/trunk/impl/src/java/org/apache/authx/authoriz=
ation/Policy.java
    incubator/directory/authx/trunk/impl/src/java/org/apache/authx/authoriz=
ation/PrimitiveRule.java
    incubator/directory/authx/trunk/impl/src/test/org/apache/authx/authoriz=
ation/DefaultAuthorizerTest.java
    incubator/directory/authx/trunk/impl/src/test/org/apache/authx/authoriz=
ation/DefaultRuleTest.java
    incubator/directory/authx/trunk/impl/src/test/org/apache/authx/authoriz=
ation/PolicyTest.java
    incubator/directory/authx/trunk/script/src/test/org/apache/authx/script=
/xml/Dom4JRuleSetBuilderTest.java

Added: incubator/directory/authx/trunk/api/src/java/org/apache/authx/author=
ization/AuthorizationRequest.java
URL: http://svn.apache.org/viewcvs/incubator/directory/authx/trunk/api/src/=
java/org/apache/authx/authorization/AuthorizationRequest.java?view=3Dauto&r=
ev=3D154356
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
--- incubator/directory/authx/trunk/api/src/java/org/apache/authx/authoriza=
tion/AuthorizationRequest.java (added)
+++ incubator/directory/authx/trunk/api/src/java/org/apache/authx/authoriza=
tion/AuthorizationRequest.java Fri Feb 18 13:48:35 2005
@@ -0,0 +1,11 @@
+/*
+ * Copyright (c) 2005 Your Corporation. All Rights Reserved.
+ */
+package org.apache.authx.authorization;
+
+public interface AuthorizationRequest
+{
+    boolean affectsSubject( Predicate subjectPredicate );
+
+    boolean targetsPermission( Predicate permissionPredicate );
+}

Propchange: incubator/directory/authx/trunk/api/src/java/org/apache/authx/a=
uthorization/AuthorizationRequest.java
---------------------------------------------------------------------------=
---
    svn:executable =3D *

Modified: incubator/directory/authx/trunk/api/src/java/org/apache/authx/aut=
horization/Authorizer.java
URL: http://svn.apache.org/viewcvs/incubator/directory/authx/trunk/api/src/=
java/org/apache/authx/authorization/Authorizer.java?view=3Ddiff&r1=3D154355=
&r2=3D154356
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
--- incubator/directory/authx/trunk/api/src/java/org/apache/authx/authoriza=
tion/Authorizer.java (original)
+++ incubator/directory/authx/trunk/api/src/java/org/apache/authx/authoriza=
tion/Authorizer.java Fri Feb 18 13:48:35 2005
@@ -16,7 +16,7 @@
  */
 package org.apache.authx.authorization;
=20
-import javax.security.auth.Subject;
+
=20
 /**
  * An <code>Authorizer</code> is a security
@@ -24,15 +24,9 @@
  * responding to an authorization request
  * by rendering an authorization decision.
  * <p>
- * At this stage, no authorization request
- * abstraction exist yet, but that may change
- * soon. For the time being, an authorization request
- * is composed of a requested <code>Permission</code>
- * on behalf of a given subject.
- * <p>
- * No abstraction of authorization
- * decision exist either and a boolean representation
- * is used. That should change as well to support
+ * At this stage, no abstraction of authorization
+ * decision exist and a boolean representation
+ * is used. That could change at some point to support
  * a richer authorization model that associates positive
  * decisions to sets of obligations to which the client
  * must compell.
@@ -43,10 +37,9 @@
      * Renders an authorization decision in response
      * to the given authorization request.
      *
-     * @param s The subject requesting a permission
-     * @param p The targeted permission=20
+     * @param request The authorization request to evaluate
      * @return true if case of a positive decision,
      *         false otherwise
      */
-    boolean authorize( Subject s, Permission p );
+    boolean renderDecision( AuthorizationRequest request );
 }

Added: incubator/directory/authx/trunk/api/src/java/org/apache/authx/author=
ization/Predicate.java
URL: http://svn.apache.org/viewcvs/incubator/directory/authx/trunk/api/src/=
java/org/apache/authx/authorization/Predicate.java?view=3Dauto&rev=3D154356
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
--- incubator/directory/authx/trunk/api/src/java/org/apache/authx/authoriza=
tion/Predicate.java (added)
+++ incubator/directory/authx/trunk/api/src/java/org/apache/authx/authoriza=
tion/Predicate.java Fri Feb 18 13:48:35 2005
@@ -0,0 +1,25 @@
+/*
+ *   Copyright 2004 The Apache Software Foundation
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *       http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or impli=
ed.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ *
+ */
+package org.apache.authx.authorization;
+
+/**
+ * @author <a href=3D"mailto:vtence@apache.org">Vincent Tence</a>
+ */
+public interface Predicate
+{
+    boolean evaluate( Object o );
+}

Modified: incubator/directory/authx/trunk/api/src/java/org/apache/authx/aut=
horization/Rule.java
URL: http://svn.apache.org/viewcvs/incubator/directory/authx/trunk/api/src/=
java/org/apache/authx/authorization/Rule.java?view=3Ddiff&r1=3D154355&r2=3D=
154356
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
--- incubator/directory/authx/trunk/api/src/java/org/apache/authx/authoriza=
tion/Rule.java (original)
+++ incubator/directory/authx/trunk/api/src/java/org/apache/authx/authoriza=
tion/Rule.java Fri Feb 18 13:48:35 2005
@@ -23,5 +23,5 @@
  */
 public interface Rule
 {
-    Effect evaluate( Subject s, Permission p );
+    Effect evaluate( AuthorizationRequest request );
 }

Added: incubator/directory/authx/trunk/impl/src/java/org/apache/authx/autho=
rization/DefaultAuthorizationRequest.java
URL: http://svn.apache.org/viewcvs/incubator/directory/authx/trunk/impl/src=
/java/org/apache/authx/authorization/DefaultAuthorizationRequest.java?view=
=3Dauto&rev=3D154356
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
--- incubator/directory/authx/trunk/impl/src/java/org/apache/authx/authoriz=
ation/DefaultAuthorizationRequest.java (added)
+++ incubator/directory/authx/trunk/impl/src/java/org/apache/authx/authoriz=
ation/DefaultAuthorizationRequest.java Fri Feb 18 13:48:35 2005
@@ -0,0 +1,49 @@
+/*
+ * Copyright (c) 2005 Your Corporation. All Rights Reserved.
+ */
+package org.apache.authx.authorization;
+
+import javax.security.auth.Subject;
+
+public class DefaultAuthorizationRequest implements AuthorizationRequest
+{
+    private final Subject m_subject;
+    private final Permission m_permission;
+
+    public DefaultAuthorizationRequest( Subject subject, Permission permis=
sion )
+    {
+        m_subject =3D subject;
+        m_permission =3D permission;
+    }
+
+    public boolean affectsSubject( Predicate subjectPredicate )
+    {
+        return subjectPredicate.evaluate( m_subject );
+    }
+
+    public boolean targetsPermission( Predicate permissionPredicate )
+    {
+        return permissionPredicate.evaluate( m_permission );
+    }
+
+    public boolean equals( Object value )
+    {
+        if ( this =3D=3D value ) return true;
+        if ( !( value instanceof DefaultAuthorizationRequest ) ) return fa=
lse;
+
+        final DefaultAuthorizationRequest defaultAuthorizationRequest =3D =
( DefaultAuthorizationRequest ) value;
+
+        if ( !m_permission.equals( defaultAuthorizationRequest.m_permissio=
n ) ) return false;
+        if ( !m_subject.equals( defaultAuthorizationRequest.m_subject ) ) =
return false;
+
+        return true;
+    }
+
+    public int hashCode()
+    {
+        int result;
+        result =3D m_subject.hashCode();
+        result =3D 29 * result + m_permission.hashCode();
+        return result;
+    }
+}

Propchange: incubator/directory/authx/trunk/impl/src/java/org/apache/authx/=
authorization/DefaultAuthorizationRequest.java
---------------------------------------------------------------------------=
---
    svn:executable =3D *

Modified: incubator/directory/authx/trunk/impl/src/java/org/apache/authx/au=
thorization/DefaultAuthorizer.java
URL: http://svn.apache.org/viewcvs/incubator/directory/authx/trunk/impl/src=
/java/org/apache/authx/authorization/DefaultAuthorizer.java?view=3Ddiff&r1=
=3D154355&r2=3D154356
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
--- incubator/directory/authx/trunk/impl/src/java/org/apache/authx/authoriz=
ation/DefaultAuthorizer.java (original)
+++ incubator/directory/authx/trunk/impl/src/java/org/apache/authx/authoriz=
ation/DefaultAuthorizer.java Fri Feb 18 13:48:35 2005
@@ -18,7 +18,6 @@
=20
 import org.apache.authx.authorization.effect.Effects;
=20
-import javax.security.auth.Subject;
 import java.util.HashMap;
 import java.util.Map;
=20
@@ -38,9 +37,9 @@
         m_decisions.put( Effects.DENY, Boolean.FALSE );
     }
=20
-    public boolean authorize( Subject s, Permission p )
+    public boolean renderDecision( AuthorizationRequest request )
     {
-        Effect effect =3D m_ruleSet.evaluate( s, p ).reduce();
+        Effect effect =3D m_ruleSet.evaluate( request ).reduce();
         Boolean decision =3D ( Boolean ) m_decisions.get( effect );
=20
         return decision !=3D null ? decision.booleanValue() : m_defaultDec=
ision;

Modified: incubator/directory/authx/trunk/impl/src/java/org/apache/authx/au=
thorization/DefaultRule.java
URL: http://svn.apache.org/viewcvs/incubator/directory/authx/trunk/impl/src=
/java/org/apache/authx/authorization/DefaultRule.java?view=3Ddiff&r1=3D1543=
55&r2=3D154356
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
--- incubator/directory/authx/trunk/impl/src/java/org/apache/authx/authoriz=
ation/DefaultRule.java (original)
+++ incubator/directory/authx/trunk/impl/src/java/org/apache/authx/authoriz=
ation/DefaultRule.java Fri Feb 18 13:48:35 2005
@@ -67,4 +67,14 @@
     {
         return m_subjectPredicate.evaluate( s ) && m_permissionPredicate.e=
valuate( p );
     }
+
+    private boolean isApplicableTo( AuthorizationRequest request )
+    {
+        return request.affectsSubject( m_subjectPredicate ) && request.tar=
getsPermission( m_permissionPredicate );
+    }
+
+    public Effect evaluate( AuthorizationRequest request )
+    {
+        return isApplicableTo( request ) ? m_effect : Effects.NOT_APPLICAB=
LE;
+    }
 }

Modified: incubator/directory/authx/trunk/impl/src/java/org/apache/authx/au=
thorization/Policy.java
URL: http://svn.apache.org/viewcvs/incubator/directory/authx/trunk/impl/src=
/java/org/apache/authx/authorization/Policy.java?view=3Ddiff&r1=3D154355&r2=
=3D154356
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
--- incubator/directory/authx/trunk/impl/src/java/org/apache/authx/authoriz=
ation/Policy.java (original)
+++ incubator/directory/authx/trunk/impl/src/java/org/apache/authx/authoriz=
ation/Policy.java Fri Feb 18 13:48:35 2005
@@ -40,14 +40,14 @@
         m_rules.add( rule );
     }
=20
-    public Effect evaluate( Subject s, Permission p )
+    public Effect evaluate( AuthorizationRequest request )
     {
         Effect decision =3D m_effect;
=20
         for ( Iterator it =3D m_rules.iterator(); it.hasNext(); )
         {
             Rule rule =3D ( Rule ) it.next();
-            Effect effect =3D rule.evaluate( s, p );
+            Effect effect =3D rule.evaluate( request );
             decision =3D decision.add( effect );
         }
=20

Modified: incubator/directory/authx/trunk/impl/src/java/org/apache/authx/au=
thorization/PrimitiveRule.java
URL: http://svn.apache.org/viewcvs/incubator/directory/authx/trunk/impl/src=
/java/org/apache/authx/authorization/PrimitiveRule.java?view=3Ddiff&r1=3D15=
4355&r2=3D154356
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
--- incubator/directory/authx/trunk/impl/src/java/org/apache/authx/authoriz=
ation/PrimitiveRule.java (original)
+++ incubator/directory/authx/trunk/impl/src/java/org/apache/authx/authoriz=
ation/PrimitiveRule.java Fri Feb 18 13:48:35 2005
@@ -16,7 +16,7 @@
  */
 package org.apache.authx.authorization;
=20
-import javax.security.auth.Subject;
+
=20
 public class PrimitiveRule implements Rule
 {
@@ -27,7 +27,7 @@
         this.effect =3D effect;
     }
=20
-    public Effect evaluate( Subject s, Permission p )
+    public Effect evaluate( AuthorizationRequest request )
     {
         return effect;
     }

Modified: incubator/directory/authx/trunk/impl/src/test/org/apache/authx/au=
thorization/DefaultAuthorizerTest.java
URL: http://svn.apache.org/viewcvs/incubator/directory/authx/trunk/impl/src=
/test/org/apache/authx/authorization/DefaultAuthorizerTest.java?view=3Ddiff=
&r1=3D154355&r2=3D154356
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
--- incubator/directory/authx/trunk/impl/src/test/org/apache/authx/authoriz=
ation/DefaultAuthorizerTest.java (original)
+++ incubator/directory/authx/trunk/impl/src/test/org/apache/authx/authoriz=
ation/DefaultAuthorizerTest.java Fri Feb 18 13:48:35 2005
@@ -35,35 +35,35 @@
     {
         m_authorizer =3D new DefaultAuthorizer( new Policy( Effects.GRANT =
) );
         m_authorizer.denyIfUnsure();
-        assertTrue( m_authorizer.authorize( new Subject(), new SomePermiss=
ion() ) );
+        assertTrue( m_authorizer.renderDecision( new DefaultAuthorizationR=
equest( new Subject(), new SomePermission() ) ) );
     }
=20
     public void testTakesPositiveDecisionIfRuleIsNotApplicable()
     {
         m_authorizer =3D new DefaultAuthorizer( new Policy( Effects.NOT_AP=
PLICABLE ) );
         m_authorizer.denyIfUnsure();
-        assertTrue( m_authorizer.authorize( new Subject(), new SomePermiss=
ion() ) );
+        assertTrue( m_authorizer.renderDecision( new DefaultAuthorizationR=
equest( new Subject(), new SomePermission() ) ) );
     }
=20
     public void testTakesNegativeDecisionIfRuleSuggestDenial()
     {
         m_authorizer =3D new DefaultAuthorizer( new Policy( Effects.DENY )=
 );
         m_authorizer.grantIfUnsure();
-        assertFalse( m_authorizer.authorize( new Subject(), new SomePermis=
sion() ) );
+        assertFalse( m_authorizer.renderDecision( new DefaultAuthorization=
Request( new Subject(), new SomePermission() ) ) );
     }
=20
     public void testCanForceEffectToGrantDecision()
     {
         m_authorizer =3D new DefaultAuthorizer( new Policy( Effects.DENY )=
 );
         m_authorizer.grantOn( Effects.DENY );
-        assertTrue( m_authorizer.authorize( new Subject(), new SomePermiss=
ion() ) );
+        assertTrue( m_authorizer.renderDecision( new DefaultAuthorizationR=
equest( new Subject(), new SomePermission() ) ) );
     }
=20
     public void testCanForceEffectToDenyDecision()
     {
         m_authorizer =3D new DefaultAuthorizer( new Policy( Effects.NOT_AP=
PLICABLE ) );
         m_authorizer.denyOn( Effects.NOT_APPLICABLE );
-        assertFalse( m_authorizer.authorize( new Subject(), new SomePermis=
sion() ) );
+        assertFalse( m_authorizer.renderDecision( new DefaultAuthorization=
Request( new Subject(), new SomePermission() ) ) );
     }
=20
     public void testEffectsAreReducedBeforeTakingDecision()
@@ -71,6 +71,6 @@
         m_authorizer =3D new DefaultAuthorizer( new Policy( new PermitOver=
ridesEffect() ) );
         m_authorizer.grantIfUnsure();
         m_authorizer.denyOn( Effects.NOT_APPLICABLE );
-        assertFalse( m_authorizer.authorize( new Subject(), new SomePermis=
sion() ) );
+        assertFalse( m_authorizer.renderDecision( new DefaultAuthorization=
Request( new Subject(), new SomePermission() ) ) );
     }
 }

Modified: incubator/directory/authx/trunk/impl/src/test/org/apache/authx/au=
thorization/DefaultRuleTest.java
URL: http://svn.apache.org/viewcvs/incubator/directory/authx/trunk/impl/src=
/test/org/apache/authx/authorization/DefaultRuleTest.java?view=3Ddiff&r1=3D=
154355&r2=3D154356
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
--- incubator/directory/authx/trunk/impl/src/test/org/apache/authx/authoriz=
ation/DefaultRuleTest.java (original)
+++ incubator/directory/authx/trunk/impl/src/test/org/apache/authx/authoriz=
ation/DefaultRuleTest.java Fri Feb 18 13:48:35 2005
@@ -47,7 +47,7 @@
         m_rule.setEffect( Effects.DENY );
         m_rule.matchSubjects( new HasPrincipalPredicate( Usernames.john() =
) );
         m_rule.matchPermissions( new ImpliedPermissionPredicate( new SomeP=
ermission() ) );
-        assertEquals( Effects.DENY, m_rule.evaluate( Subjects.john(), new =
SomePermission() ) );
+        assertEquals( Effects.DENY, m_rule.evaluate( new DefaultAuthorizat=
ionRequest( Subjects.john(), new SomePermission() ) ));
     }
=20
     public void testSubjectConditionsAreCombinedIntoAnOrOperation()
@@ -56,8 +56,8 @@
         m_rule.matchSubjects( new HasPrincipalPredicate( Usernames.john() =
) );
         m_rule.matchSubjects( new HasPrincipalPredicate( Usernames.joe() )=
 );
         m_rule.matchPermissions( new ImpliedPermissionPredicate( new SomeP=
ermission() ) );
-        assertEquals( Effects.GRANT, m_rule.evaluate( Subjects.john(), new=
 SomePermission() ) );
-        assertEquals( Effects.GRANT, m_rule.evaluate( Subjects.joe(), new =
SomePermission() ) );
+        assertEquals( Effects.GRANT, m_rule.evaluate( new DefaultAuthoriza=
tionRequest( Subjects.john(), new SomePermission() ) ) );
+        assertEquals( Effects.GRANT, m_rule.evaluate( new DefaultAuthoriza=
tionRequest( Subjects.joe(), new SomePermission() ) ) );
     }
=20
     public void testPermissionConditionsAreCombinedIntoAnOrOperation()
@@ -66,21 +66,21 @@
         m_rule.matchSubjects( new HasPrincipalPredicate( Usernames.john() =
) );
         m_rule.matchPermissions( new ImpliedPermissionPredicate( new Basic=
Permission( "foo" ) ) );
         m_rule.matchPermissions( new ImpliedPermissionPredicate( new Basic=
Permission( "bar" ) ) );
-        assertEquals( Effects.GRANT, m_rule.evaluate( Subjects.john(), new=
 BasicPermission( "foo" ) ) );
-        assertEquals( Effects.GRANT, m_rule.evaluate( Subjects.john(), new=
 BasicPermission( "bar" ) ) );
+        assertEquals( Effects.GRANT, m_rule.evaluate( new DefaultAuthoriza=
tionRequest( Subjects.john(), new BasicPermission( "foo" ) ) ) );
+        assertEquals( Effects.GRANT, m_rule.evaluate( new DefaultAuthoriza=
tionRequest( Subjects.john(), new BasicPermission( "bar" ) ) ) );
     }
=20
     public void testIsNotApplicableIfSubjectConditionIsNotVerified()
     {
         m_rule.matchSubjects( new FalsePredicate() );
         m_rule.matchPermissions( new TruePredicate() );
-        assertEquals( Effects.NOT_APPLICABLE, m_rule.evaluate( Subjects.jo=
hn(), new SomePermission() ) );
+        assertEquals( Effects.NOT_APPLICABLE, m_rule.evaluate( new Default=
AuthorizationRequest( Subjects.john(), new SomePermission() ) ) );
     }
=20
     public void testIsNotApplicableIfPermissionConditionIsNotVerified()
     {
         m_rule.matchSubjects( new TruePredicate() );
         m_rule.matchPermissions( new FalsePredicate() );
-        assertEquals( Effects.NOT_APPLICABLE, m_rule.evaluate( Subjects.jo=
hn(), new SomePermission() ) );
+        assertEquals( Effects.NOT_APPLICABLE, m_rule.evaluate( new Default=
AuthorizationRequest( Subjects.john(), new SomePermission() ) ) );
     }
 }

Modified: incubator/directory/authx/trunk/impl/src/test/org/apache/authx/au=
thorization/PolicyTest.java
URL: http://svn.apache.org/viewcvs/incubator/directory/authx/trunk/impl/src=
/test/org/apache/authx/authorization/PolicyTest.java?view=3Ddiff&r1=3D15435=
5&r2=3D154356
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
--- incubator/directory/authx/trunk/impl/src/test/org/apache/authx/authoriz=
ation/PolicyTest.java (original)
+++ incubator/directory/authx/trunk/impl/src/test/org/apache/authx/authoriz=
ation/PolicyTest.java Fri Feb 18 13:48:35 2005
@@ -27,7 +27,7 @@
     public void testRendersDefaultDecisionWhenEmpty()
     {
         Policy policy =3D new Policy( new PermitOverridesEffect() );
-        assertEquals( Effects.NOT_APPLICABLE, policy.evaluate( new Subject=
(), new SomePermission() ).reduce() );
+        assertEquals( Effects.NOT_APPLICABLE, policy.evaluate( new Default=
AuthorizationRequest( new Subject(), new SomePermission() ) ).reduce() );
     }
=20
     public void testCombinesResultOfContainedRulesEvaluation()
@@ -36,6 +36,6 @@
         policy.addRule( new PrimitiveRule( Effects.DENY ) );
         policy.addRule( new PrimitiveRule( Effects.GRANT ) );
=20
-        assertEquals( Effects.GRANT, policy.evaluate( new Subject(), new S=
omePermission() ).reduce() );
+        assertEquals( Effects.GRANT, policy.evaluate( new DefaultAuthoriza=
tionRequest( new Subject(), new SomePermission() ) ).reduce() );
     }
 }

Modified: incubator/directory/authx/trunk/script/src/test/org/apache/authx/=
script/xml/Dom4JRuleSetBuilderTest.java
URL: http://svn.apache.org/viewcvs/incubator/directory/authx/trunk/script/s=
rc/test/org/apache/authx/script/xml/Dom4JRuleSetBuilderTest.java?view=3Ddif=
f&r1=3D154355&r2=3D154356
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
--- incubator/directory/authx/trunk/script/src/test/org/apache/authx/script=
/xml/Dom4JRuleSetBuilderTest.java (original)
+++ incubator/directory/authx/trunk/script/src/test/org/apache/authx/script=
/xml/Dom4JRuleSetBuilderTest.java Fri Feb 18 13:48:35 2005
@@ -18,6 +18,7 @@
=20
 import junit.framework.TestCase;
 import org.apache.authx.authorization.Policy;
+import org.apache.authx.authorization.DefaultAuthorizationRequest;
 import org.apache.authx.authorization.effect.DenyOverridesEffect;
 import org.apache.authx.authorization.effect.Effects;
 import org.apache.authx.authorization.effect.PermitOverridesEffect;
@@ -62,7 +63,7 @@
         Policy policy =3D new Policy( new DenyOverridesEffect() );
         builder.buildRuleSet( policy );
=20
-        assertEquals( Effects.DENY, policy.evaluate( Subjects.anybody(), P=
ermissions.anything() ).reduce() );
+        assertEquals( Effects.DENY, policy.evaluate( new DefaultAuthorizat=
ionRequest( Subjects.anybody(), Permissions.anything() ) ).reduce() );
     }
=20
     public void testHasBuiltInSupportForRulingOnUsernames() throws Excepti=
on
@@ -83,7 +84,7 @@
         Policy policy =3D new Policy( new PermitOverridesEffect() );
         builder.buildRuleSet( policy );
=20
-        assertEquals( Effects.GRANT, policy.evaluate( Subjects.joe(), Perm=
issions.anything() ).reduce() );
+        assertEquals( Effects.GRANT, policy.evaluate( new DefaultAuthoriza=
tionRequest( Subjects.joe(), Permissions.anything() ) ).reduce() );
     }
=20
     public void testHasBuiltInSupportForRulingOnGroups() throws Exception
@@ -104,7 +105,7 @@
         Policy policy =3D new Policy( new PermitOverridesEffect() );
         builder.buildRuleSet( policy );
=20
-        assertEquals( Effects.GRANT, policy.evaluate( Subjects.with( Group=
s=2Ecanadians() ), Permissions.anything() ).reduce() );
+        assertEquals( Effects.GRANT, policy.evaluate( new DefaultAuthoriza=
tionRequest( Subjects.with( Groups.canadians() ), Permissions.anything() ) =
)=2Ereduce() );
     }
=20
     public void testHasBuiltInSupportForRulingOnRoles() throws Exception
@@ -125,7 +126,7 @@
         Policy policy =3D new Policy( new PermitOverridesEffect() );
         builder.buildRuleSet( policy );
=20
-        assertEquals( Effects.GRANT, policy.evaluate( Subjects.with( Roles=
.developer() ), Permissions.anything() ).reduce() );
+        assertEquals( Effects.GRANT, policy.evaluate( new DefaultAuthoriza=
tionRequest( Subjects.with( Roles.developer() ), Permissions.anything() )) =
.reduce() );
     }
=20
     public void testPredicatesCanBeRegisteredToExtendRuling() throws Excep=
tion
@@ -147,7 +148,7 @@
         Policy policy =3D new Policy( new PermitOverridesEffect() );
         builder.buildRuleSet( policy );
=20
-        assertEquals( Effects.GRANT, policy.evaluate( Subjects.withGreenEy=
es(), Permissions.anything() ).reduce() );
+        assertEquals( Effects.GRANT, policy.evaluate( new DefaultAuthoriza=
tionRequest( Subjects.withGreenEyes(), Permissions.anything() ) ).reduce() =
);
     }
=20
     public void testLastRegisteredBuilderWins() throws Exception
@@ -169,7 +170,7 @@
         Policy policy =3D new Policy( new PermitOverridesEffect() );
         builder.buildRuleSet( policy );
=20
-        assertEquals( Effects.NOT_APPLICABLE, policy.evaluate( Subjects.an=
ybody(), Permissions.anything() ).reduce() );
+        assertEquals( Effects.NOT_APPLICABLE, policy.evaluate( new Default=
AuthorizationRequest( Subjects.anybody(), Permissions.anything() ) ).reduce=
() );
     }
=20
     public void testMultiplePredicatesAreCombinedWithAnOrOperation() throw=
s Exception
@@ -192,9 +193,9 @@
         Policy policy =3D new Policy( new PermitOverridesEffect() );
         builder.buildRuleSet( policy );
=20
-        assertEquals( Effects.GRANT, policy.evaluate( Subjects.with( Usern=
ames.joe() ), Permissions.anything() ).reduce() );
-        assertEquals( Effects.GRANT, policy.evaluate( Subjects.with( Group=
s=2Ecanadians() ), Permissions.anything() ).reduce() );
-        assertEquals( Effects.GRANT, policy.evaluate( Subjects.with( Roles=
.developer() ), Permissions.anything() ).reduce() );
+        assertEquals( Effects.GRANT, policy.evaluate( new DefaultAuthoriza=
tionRequest( Subjects.with( Usernames.joe() ), Permissions.anything() ) ).r=
educe() );
+        assertEquals( Effects.GRANT, policy.evaluate( new DefaultAuthoriza=
tionRequest( Subjects.with( Groups.canadians() ), Permissions.anything() ) =
)=2Ereduce() );
+        assertEquals( Effects.GRANT, policy.evaluate( new DefaultAuthoriza=
tionRequest( Subjects.with( Roles.developer() ), Permissions.anything() ) )=
.reduce() );
     }
=20
     public void testHasBuiltInSupportForAndOperationOnPredicates() throws =
Exception
@@ -219,10 +220,10 @@
         Policy policy =3D new Policy( new PermitOverridesEffect() );
         builder.buildRuleSet( policy );
=20
-        assertEquals( Effects.NOT_APPLICABLE, policy.evaluate( Subjects.wi=
th( Usernames.joe() ), Permissions.anything() ).reduce() );
-        assertEquals( Effects.NOT_APPLICABLE, policy.evaluate( Subjects.wi=
th( Groups.geeks() ), Permissions.anything() ).reduce() );
-        assertEquals( Effects.NOT_APPLICABLE, policy.evaluate( Subjects.wi=
th( Roles.developer() ), Permissions.anything() ).reduce() );
-        assertEquals( Effects.GRANT, policy.evaluate( Subjects.with( Usern=
ames.joe(), Groups.geeks(), Roles.developer() ), Permissions.anything() ).r=
educe() );
+        assertEquals( Effects.NOT_APPLICABLE, policy.evaluate( new Default=
AuthorizationRequest( Subjects.with( Usernames.joe() ), Permissions.anythin=
g() ) ).reduce() );
+        assertEquals( Effects.NOT_APPLICABLE, policy.evaluate( new Default=
AuthorizationRequest( Subjects.with( Groups.geeks() ), Permissions.anything=
() ) ).reduce() );
+        assertEquals( Effects.NOT_APPLICABLE, policy.evaluate( new Default=
AuthorizationRequest( Subjects.with( Roles.developer() ), Permissions.anyth=
ing() ) ).reduce() );
+        assertEquals( Effects.GRANT, policy.evaluate( new DefaultAuthoriza=
tionRequest( Subjects.with( Usernames.joe(), Groups.geeks(), Roles.develope=
r() ), Permissions.anything() ) ).reduce() );
     }
=20
     public void testHasBuiltInSupportForOrOperationOnPredicates() throws E=
xception
@@ -246,9 +247,9 @@
         Policy policy =3D new Policy( new PermitOverridesEffect() );
         builder.buildRuleSet( policy );
=20
-        assertEquals( Effects.GRANT, policy.evaluate( Subjects.with( Usern=
ames.joe() ), Permissions.anything() ).reduce() );
-        assertEquals( Effects.GRANT, policy.evaluate( Subjects.with( Group=
s=2Egeeks() ), Permissions.anything() ).reduce() );
-        assertEquals( Effects.NOT_APPLICABLE, policy.evaluate( Subjects.wi=
th( Roles.developer() ), Permissions.anything() ).reduce() );
+        assertEquals( Effects.GRANT, policy.evaluate( new DefaultAuthoriza=
tionRequest( Subjects.with( Usernames.joe() ), Permissions.anything() ) ).r=
educe() );
+        assertEquals( Effects.GRANT, policy.evaluate( new DefaultAuthoriza=
tionRequest( Subjects.with( Groups.geeks() ), Permissions.anything() ) ).re=
duce() );
+        assertEquals( Effects.NOT_APPLICABLE, policy.evaluate( new Default=
AuthorizationRequest( Subjects.with( Roles.developer() ), Permissions.anyth=
ing() ) ).reduce() );
     }
=20
     public void testSubjectIsAnAliasForAndOperation() throws Exception
@@ -272,8 +273,8 @@
         Policy policy =3D new Policy( new PermitOverridesEffect() );
         builder.buildRuleSet( policy );
=20
-        assertEquals( Effects.NOT_APPLICABLE, policy.evaluate( Subjects.wi=
th( Usernames.joe() ), Permissions.anything() ).reduce() );
-        assertEquals( Effects.NOT_APPLICABLE, policy.evaluate( Subjects.wi=
th( Roles.developer() ), Permissions.anything() ).reduce() );
-        assertEquals( Effects.GRANT, policy.evaluate( Subjects.with( Usern=
ames.joe(), Roles.developer() ), Permissions.anything() ).reduce() );
+        assertEquals( Effects.NOT_APPLICABLE, policy.evaluate( new Default=
AuthorizationRequest( Subjects.with( Usernames.joe() ), Permissions.anythin=
g() ) ).reduce() );
+        assertEquals( Effects.NOT_APPLICABLE, policy.evaluate( new Default=
AuthorizationRequest( Subjects.with( Roles.developer() ), Permissions.anyth=
ing() ) ).reduce() );
+        assertEquals( Effects.GRANT, policy.evaluate( new DefaultAuthoriza=
tionRequest( Subjects.with( Usernames.joe(), Roles.developer() ), Permissio=
ns.anything() ) ).reduce() );
     }
 }