Download as
Browse Code »

Commit 3937ab10d59eaf111c154047f0ecc332862090da

Authored by Dancovich
1 parent 164e56cd
Exists in master

Implementados testes de autorização

Showing 14 changed files with 841 additions and 8 deletions   Show diff stats
impl/core/src/main/java/br/gov/frameworkdemoiselle/security/AuthenticationException.java
  Diff comments   View file @3937ab1
@@ -37,7 +37,7 @@ @@ -37,7 +37,7 @@
37 package br.gov.frameworkdemoiselle.security; 37 package br.gov.frameworkdemoiselle.security;
38 38
39 /** 39 /**
40 - * Thrown when the authorization process fails. 40 + * Thrown when the authentication process fails.
41 * 41 *
42 * @author SERPRO 42 * @author SERPRO
43 */ 43 */
impl/core/src/main/java/br/gov/frameworkdemoiselle/security/Authenticator.java
  Diff comments   View file @3937ab1
@@ -52,7 +52,7 @@ public interface Authenticator extends Serializable { @@ -52,7 +52,7 @@ public interface Authenticator extends Serializable {
52 * @throws AuthenticationException 52 * @throws AuthenticationException
53 * When the authentication process fails, this exception is thrown. 53 * When the authentication process fails, this exception is thrown.
54 */ 54 */
55 - void authenticate() throws AuthenticationException; 55 + void authenticate();
56 56
57 /** 57 /**
58 * Executes the necessary steps to unauthenticate an user. 58 * Executes the necessary steps to unauthenticate an user.
impl/core/src/main/java/br/gov/frameworkdemoiselle/security/SecurityContext.java
  Diff comments   View file @3937ab1
@@ -49,10 +49,10 @@ public interface SecurityContext extends Serializable { @@ -49,10 +49,10 @@ public interface SecurityContext extends Serializable {
49 /** 49 /**
50 * Executes the login of a user to the application. 50 * Executes the login of a user to the application.
51 * 51 *
52 - * @throws AuthorizationException 52 + * @throws AuthenticationException
53 * When the logon process fails, this exception is thrown. 53 * When the logon process fails, this exception is thrown.
54 */ 54 */
55 - void login() throws AuthorizationException; 55 + void login();
56 56
57 /** 57 /**
58 * Executes the logout of a user. 58 * Executes the logout of a user.
@@ -60,7 +60,7 @@ public interface SecurityContext extends Serializable { @@ -60,7 +60,7 @@ public interface SecurityContext extends Serializable {
60 * @throws NotLoggedInException 60 * @throws NotLoggedInException
61 * if there is no user logged in a specific session 61 * if there is no user logged in a specific session
62 */ 62 */
63 - void logout() throws NotLoggedInException; 63 + void logout();
64 64
65 /** 65 /**
66 * Checks if a specific user is logged in. 66 * Checks if a specific user is logged in.
@@ -69,7 +69,11 @@ public interface SecurityContext extends Serializable { @@ -69,7 +69,11 @@ public interface SecurityContext extends Serializable {
69 */ 69 */
70 boolean isLoggedIn(); 70 boolean isLoggedIn();
71 71
72 - void checkLoggedIn() throws NotLoggedInException; 72 + /**
  73 + * @throws NotLoggedInException
  74 + * if there is no user logged in a specific session
  75 + */
  76 + void checkLoggedIn();
73 77
74 /** 78 /**
75 * Checks if the logged user has permission to execute an specific operation on a specific resource. 79 * Checks if the logged user has permission to execute an specific operation on a specific resource.
@@ -79,10 +83,11 @@ public interface SecurityContext extends Serializable { @@ -79,10 +83,11 @@ public interface SecurityContext extends Serializable {
79 * @param operation 83 * @param operation
80 * operation to be checked 84 * operation to be checked
81 * @return {@code true} if the user has the permission 85 * @return {@code true} if the user has the permission
  86 + *
82 * @throws NotLoggedInException 87 * @throws NotLoggedInException
83 * if there is no user logged in a specific session. 88 * if there is no user logged in a specific session.
84 */ 89 */
85 - boolean hasPermission(String resource, String operation) throws NotLoggedInException; 90 + boolean hasPermission(String resource, String operation);
86 91
87 /** 92 /**
88 * Checks if the logged user has an specific role 93 * Checks if the logged user has an specific role
@@ -90,10 +95,11 @@ public interface SecurityContext extends Serializable { @@ -90,10 +95,11 @@ public interface SecurityContext extends Serializable {
90 * @param role 95 * @param role
91 * role to be checked 96 * role to be checked
92 * @return {@code true} if the user has the role 97 * @return {@code true} if the user has the role
  98 + *
93 * @throws NotLoggedInException 99 * @throws NotLoggedInException
94 * if there is no user logged in a specific session. 100 * if there is no user logged in a specific session.
95 */ 101 */
96 - boolean hasRole(String role) throws NotLoggedInException; 102 + boolean hasRole(String role);
97 103
98 /** 104 /**
99 * Return the user logged in the session. 105 * Return the user logged in the session.
impl/core/src/test/java/security/athentication/error/ErrorAuthenticator.java 0 → 100644
  Diff comments   View file @3937ab1
@@ -0,0 +1,64 @@ @@ -0,0 +1,64 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.athentication.error;
  38 +
  39 +import java.security.Principal;
  40 +
  41 +import br.gov.frameworkdemoiselle.security.AuthenticationException;
  42 +import br.gov.frameworkdemoiselle.security.Authenticator;
  43 +
  44 +public class ErrorAuthenticator implements Authenticator {
  45 +
  46 + private static final long serialVersionUID = 1L;
  47 +
  48 + @Override
  49 + public void authenticate() throws AuthenticationException {
  50 + throw new RuntimeException();
  51 + }
  52 +
  53 + @Override
  54 + public void unAuthenticate() {
  55 + throw new RuntimeException();
  56 + }
  57 +
  58 + @Override
  59 + public Principal getUser() {
  60 + return null;
  61 + }
  62 +
  63 +
  64 +}
impl/core/src/test/java/security/athentication/error/ErrorAuthenticatorTest.java 0 → 100644
  Diff comments   View file @3937ab1
@@ -0,0 +1,95 @@ @@ -0,0 +1,95 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.athentication.error;
  38 +
  39 +import javax.inject.Inject;
  40 +
  41 +import junit.framework.Assert;
  42 +
  43 +import org.jboss.arquillian.container.test.api.Deployment;
  44 +import org.jboss.arquillian.junit.Arquillian;
  45 +import org.jboss.shrinkwrap.api.spec.JavaArchive;
  46 +import org.junit.Test;
  47 +import org.junit.runner.RunWith;
  48 +
  49 +import test.Tests;
  50 +import br.gov.frameworkdemoiselle.security.AuthenticationException;
  51 +import br.gov.frameworkdemoiselle.security.SecurityContext;
  52 +import configuration.resource.ConfigurationResourceTest;
  53 +
  54 +@RunWith(Arquillian.class)
  55 +public class ErrorAuthenticatorTest {
  56 +
  57 + @Inject
  58 + private SecurityContext context;
  59 +
  60 + @Deployment
  61 + public static JavaArchive createDeployment() {
  62 + JavaArchive deployment = Tests.createDeployment(ConfigurationResourceTest.class);
  63 + deployment.addClass(ErrorAuthenticator.class);
  64 + return deployment;
  65 + }
  66 +
  67 + @Test
  68 + public void errorDuringLogin(){
  69 + try{
  70 + context.login();
  71 + Assert.fail("Login deveria disparar exceção de runtime");
  72 + }
  73 + catch(AuthenticationException ae){
  74 + Assert.fail("A exceção disparada não foi a esperada");
  75 + }
  76 + catch(RuntimeException e){
  77 + //PASS
  78 + }
  79 + }
  80 +
  81 + @Test
  82 + public void errorDuringLogout(){
  83 + try{
  84 + context.login();
  85 + Assert.fail("Logout deveria disparar exceção de runtime");
  86 + }
  87 + catch(AuthenticationException ae){
  88 + Assert.fail("A exceção disparada não foi a esperada");
  89 + }
  90 + catch(RuntimeException e){
  91 + //PASS
  92 + }
  93 + }
  94 +
  95 +}
impl/core/src/test/java/security/authorization/ambiguity/AmbiguousAuthorizerTest.java 0 → 100644
  Diff comments   View file @3937ab1
@@ -0,0 +1,92 @@ @@ -0,0 +1,92 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.authorization.ambiguity;
  38 +
  39 +import static junit.framework.Assert.assertEquals;
  40 +
  41 +import javax.enterprise.inject.AmbiguousResolutionException;
  42 +import javax.inject.Inject;
  43 +
  44 +import org.jboss.arquillian.container.test.api.Deployment;
  45 +import org.jboss.arquillian.junit.Arquillian;
  46 +import org.jboss.shrinkwrap.api.spec.JavaArchive;
  47 +import org.junit.After;
  48 +import org.junit.Before;
  49 +import org.junit.Test;
  50 +import org.junit.runner.RunWith;
  51 +
  52 +import security.athentication.custom.CustomAuthenticator;
  53 +import security.authorization.custom.CustomAuthorizer;
  54 +import test.Tests;
  55 +import br.gov.frameworkdemoiselle.DemoiselleException;
  56 +import br.gov.frameworkdemoiselle.security.SecurityContext;
  57 +import configuration.resource.ConfigurationResourceTest;
  58 +
  59 +@RunWith(Arquillian.class)
  60 +public class AmbiguousAuthorizerTest {
  61 +
  62 + @Inject
  63 + private SecurityContext context;
  64 +
  65 + @Deployment
  66 + public static JavaArchive createDeployment() {
  67 + JavaArchive deployment = Tests.createDeployment(ConfigurationResourceTest.class);
  68 + deployment.addClass(CustomAuthenticator.class);
  69 + deployment.addClass(CustomAuthorizer.class);
  70 + deployment.addClass(DuplicatedCustomAuthorizer.class);
  71 + return deployment;
  72 + }
  73 +
  74 + @Before
  75 + public void loginToTest(){
  76 + context.login();
  77 + }
  78 +
  79 + @Test
  80 + public void ambiguousAuthorizerStrategy() {
  81 + try {
  82 + context.hasRole("role");
  83 + } catch (DemoiselleException cause) {
  84 + assertEquals(AmbiguousResolutionException.class, cause.getCause().getClass());
  85 + }
  86 + }
  87 +
  88 + @After
  89 + public void logoutAfterTest(){
  90 + context.logout();
  91 + }
  92 +}
impl/core/src/test/java/security/authorization/ambiguity/DuplicatedCustomAuthorizer.java 0 → 100644
  Diff comments   View file @3937ab1
@@ -0,0 +1,54 @@ @@ -0,0 +1,54 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.authorization.ambiguity;
  38 +
  39 +import br.gov.frameworkdemoiselle.security.Authorizer;
  40 +
  41 +public class DuplicatedCustomAuthorizer implements Authorizer {
  42 +
  43 + private static final long serialVersionUID = 1L;
  44 +
  45 + @Override
  46 + public boolean hasRole(String role) {
  47 + return true;
  48 + }
  49 +
  50 + @Override
  51 + public boolean hasPermission(String resource, String operation) {
  52 + return true;
  53 + }
  54 +}
impl/core/src/test/java/security/authorization/custom/CustomAuthorizer.java 0 → 100644
  Diff comments   View file @3937ab1
@@ -0,0 +1,57 @@ @@ -0,0 +1,57 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.authorization.custom;
  38 +
  39 +import br.gov.frameworkdemoiselle.security.Authorizer;
  40 +
  41 +public class CustomAuthorizer implements Authorizer {
  42 +
  43 + private static final long serialVersionUID = 1L;
  44 +
  45 + @Override
  46 + public boolean hasRole(String role) {
  47 + return "role".equals(role);
  48 + }
  49 +
  50 + @Override
  51 + public boolean hasPermission(String resource, String operation) {
  52 + return "resource".equals(resource);
  53 + }
  54 +
  55 +
  56 +
  57 +}
impl/core/src/test/java/security/authorization/custom/CustomAuthorizerTest.java 0 → 100644
  Diff comments   View file @3937ab1
@@ -0,0 +1,100 @@ @@ -0,0 +1,100 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.authorization.custom;
  38 +
  39 +import javax.inject.Inject;
  40 +
  41 +import junit.framework.Assert;
  42 +
  43 +import org.jboss.arquillian.container.test.api.Deployment;
  44 +import org.jboss.arquillian.junit.Arquillian;
  45 +import org.jboss.shrinkwrap.api.spec.JavaArchive;
  46 +import org.junit.After;
  47 +import org.junit.Before;
  48 +import org.junit.Test;
  49 +import org.junit.runner.RunWith;
  50 +
  51 +import security.athentication.custom.CustomAuthenticator;
  52 +import test.Tests;
  53 +import br.gov.frameworkdemoiselle.security.SecurityContext;
  54 +import configuration.resource.ConfigurationResourceTest;
  55 +
  56 +@RunWith(Arquillian.class)
  57 +public class CustomAuthorizerTest {
  58 +
  59 + @Inject
  60 + private SecurityContext context;
  61 +
  62 + @Deployment
  63 + public static JavaArchive createDeployment() {
  64 + JavaArchive deployment = Tests.createDeployment(ConfigurationResourceTest.class);
  65 + deployment.addClass(CustomAuthenticator.class);
  66 + deployment.addClass(CustomAuthorizer.class);
  67 + return deployment;
  68 + }
  69 +
  70 + @Before
  71 + public void loginToTest(){
  72 + context.login();
  73 + }
  74 +
  75 + @Test
  76 + public void hasPermission(){
  77 + Assert.assertTrue(context.hasPermission("resource", "operation"));
  78 + }
  79 +
  80 + @Test
  81 + public void hasRole(){
  82 + Assert.assertTrue(context.hasRole("role"));
  83 + }
  84 +
  85 + @Test
  86 + public void denyPermission(){
  87 + Assert.assertFalse(context.hasPermission("falseresource", "falseoperation"));
  88 + }
  89 +
  90 + @Test
  91 + public void denyRole(){
  92 + Assert.assertFalse(context.hasRole("falserole"));
  93 + }
  94 +
  95 + @After
  96 + public void logoutAfterTest(){
  97 + context.logout();
  98 + }
  99 +
  100 +}
impl/core/src/test/java/security/authorization/error/ErrorAuthorizer.java 0 → 100644
  Diff comments   View file @3937ab1
@@ -0,0 +1,57 @@ @@ -0,0 +1,57 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.authorization.error;
  38 +
  39 +import br.gov.frameworkdemoiselle.security.Authorizer;
  40 +
  41 +public class ErrorAuthorizer implements Authorizer {
  42 +
  43 + private static final long serialVersionUID = 1L;
  44 +
  45 + @Override
  46 + public boolean hasRole(String role) {
  47 + throw new RuntimeException("Erro desconhecido ao obter papeis");
  48 + }
  49 +
  50 + @Override
  51 + public boolean hasPermission(String resource, String operation) {
  52 + throw new RuntimeException("Erro desconhecido ao obter permissões");
  53 + }
  54 +
  55 +
  56 +
  57 +}
impl/core/src/test/java/security/authorization/error/ErrorAuthorizerTest.java 0 → 100644
  Diff comments   View file @3937ab1
@@ -0,0 +1,110 @@ @@ -0,0 +1,110 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.authorization.error;
  38 +
  39 +import javax.inject.Inject;
  40 +
  41 +import junit.framework.Assert;
  42 +
  43 +import org.jboss.arquillian.container.test.api.Deployment;
  44 +import org.jboss.arquillian.junit.Arquillian;
  45 +import org.jboss.shrinkwrap.api.spec.JavaArchive;
  46 +import org.junit.After;
  47 +import org.junit.Before;
  48 +import org.junit.Test;
  49 +import org.junit.runner.RunWith;
  50 +
  51 +import security.athentication.custom.CustomAuthenticator;
  52 +import test.Tests;
  53 +import br.gov.frameworkdemoiselle.security.AuthorizationException;
  54 +import br.gov.frameworkdemoiselle.security.NotLoggedInException;
  55 +import br.gov.frameworkdemoiselle.security.SecurityContext;
  56 +import configuration.resource.ConfigurationResourceTest;
  57 +
  58 +@RunWith(Arquillian.class)
  59 +public class ErrorAuthorizerTest {
  60 +
  61 + @Inject
  62 + private SecurityContext context;
  63 +
  64 + @Deployment
  65 + public static JavaArchive createDeployment() {
  66 + JavaArchive deployment = Tests.createDeployment(ConfigurationResourceTest.class);
  67 + deployment.addClass(CustomAuthenticator.class);
  68 + deployment.addClass(ErrorAuthorizer.class);
  69 + return deployment;
  70 + }
  71 +
  72 + @Before
  73 + public void loginToTest(){
  74 + context.login();
  75 + }
  76 +
  77 + @Test
  78 + public void errorDuringCheckPermission(){
  79 + try{
  80 + context.hasPermission("resource", "operation");
  81 + Assert.fail("Verificar permissão deveria disparar exceção de runtime");
  82 + }
  83 + catch(NotLoggedInException ae){
  84 + Assert.fail("A exceção disparada não foi a esperada");
  85 + }
  86 + catch(RuntimeException e){
  87 + //PASS
  88 + }
  89 + }
  90 +
  91 + @Test
  92 + public void errorDuringCheckRole(){
  93 + try{
  94 + context.hasRole("role");
  95 + Assert.fail("Verificar papel deveria disparar exceção de runtime");
  96 + }
  97 + catch(AuthorizationException ae){
  98 + Assert.fail("A exceção disparada não foi a esperada");
  99 + }
  100 + catch(RuntimeException e){
  101 + //PASS
  102 + }
  103 + }
  104 +
  105 + @After
  106 + public void logoutAfterTest(){
  107 + context.logout();
  108 + }
  109 +
  110 +}
impl/core/src/test/java/security/authorization/selection/SelectedAuthorizerTest.java 0 → 100644
  Diff comments   View file @3937ab1
@@ -0,0 +1,90 @@ @@ -0,0 +1,90 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.authorization.selection;
  38 +
  39 +import javax.inject.Inject;
  40 +
  41 +import org.jboss.arquillian.container.test.api.Deployment;
  42 +import org.jboss.arquillian.junit.Arquillian;
  43 +import org.jboss.shrinkwrap.api.spec.JavaArchive;
  44 +import org.junit.After;
  45 +import org.junit.Assert;
  46 +import org.junit.Before;
  47 +import org.junit.Test;
  48 +import org.junit.runner.RunWith;
  49 +
  50 +import security.athentication.custom.CustomAuthenticator;
  51 +import security.authorization.ambiguity.DuplicatedCustomAuthorizer;
  52 +import security.authorization.custom.CustomAuthorizer;
  53 +import test.Tests;
  54 +import br.gov.frameworkdemoiselle.security.SecurityContext;
  55 +import configuration.resource.ConfigurationResourceTest;
  56 +
  57 +@RunWith(Arquillian.class)
  58 +public class SelectedAuthorizerTest {
  59 +
  60 + private static final String PATH = "src/test/resources/security/authorization/selection";
  61 +
  62 + @Inject
  63 + private SecurityContext context;
  64 +
  65 + @Deployment
  66 + public static JavaArchive createDeployment() {
  67 + JavaArchive deployment = Tests.createDeployment(ConfigurationResourceTest.class);
  68 + deployment.addClass(CustomAuthenticator.class);
  69 + deployment.addClass(CustomAuthorizer.class);
  70 + deployment.addClass(DuplicatedCustomAuthorizer.class);
  71 + deployment.addAsResource(Tests.createFileAsset(PATH + "/demoiselle.properties"), "demoiselle.properties");
  72 + return deployment;
  73 + }
  74 +
  75 + @Before
  76 + public void loginToTest(){
  77 + context.login();
  78 + }
  79 +
  80 + @Test
  81 + public void selectedAuthorizerStrategy() {
  82 + context.login();
  83 + Assert.assertTrue(context.hasRole("role"));
  84 + }
  85 +
  86 + @After
  87 + public void logoutAfterTest(){
  88 + context.logout();
  89 + }
  90 +}
impl/core/src/test/java/security/authorization/undefined/UndefinedAuthorizerTest.java 0 → 100644
  Diff comments   View file @3937ab1
@@ -0,0 +1,72 @@ @@ -0,0 +1,72 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.authorization.undefined;
  38 +
  39 +import static junit.framework.Assert.assertEquals;
  40 +
  41 +import javax.inject.Inject;
  42 +
  43 +import org.jboss.arquillian.container.test.api.Deployment;
  44 +import org.jboss.arquillian.junit.Arquillian;
  45 +import org.jboss.shrinkwrap.api.spec.JavaArchive;
  46 +import org.junit.Test;
  47 +import org.junit.runner.RunWith;
  48 +
  49 +import test.Tests;
  50 +import br.gov.frameworkdemoiselle.security.AuthenticationException;
  51 +import br.gov.frameworkdemoiselle.security.SecurityContext;
  52 +
  53 +@RunWith(Arquillian.class)
  54 +public class UndefinedAuthorizerTest {
  55 +
  56 + @Inject
  57 + private SecurityContext context;
  58 +
  59 + @Deployment
  60 + public static JavaArchive createDeployment() {
  61 + return Tests.createDeployment();
  62 + }
  63 +
  64 + @Test
  65 + public void undefinedAuthorizerStrategy() {
  66 + try {
  67 + context.hasRole("role");
  68 + } catch (AuthenticationException cause) {
  69 + assertEquals(ClassNotFoundException.class, cause.getCause().getClass());
  70 + }
  71 + }
  72 +}
impl/core/src/test/resources/security/authorization/selection/demoiselle.properties 0 → 100644
  Diff comments   View file @3937ab1
@@ -0,0 +1,36 @@ @@ -0,0 +1,36 @@
  1 +# Demoiselle Framework
  2 +# Copyright (C) 2010 SERPRO
  3 +# ----------------------------------------------------------------------------
  4 +# This file is part of Demoiselle Framework.
  5 +#
  6 +# Demoiselle Framework is free software; you can redistribute it and/or
  7 +# modify it under the terms of the GNU Lesser General Public License version 3
  8 +# as published by the Free Software Foundation.
  9 +#
  10 +# This program is distributed in the hope that it will be useful,
  11 +# but WITHOUT ANY WARRANTY; without even the implied warranty of
  12 +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13 +# GNU General Public License for more details.
  14 +#
  15 +# You should have received a copy of the GNU Lesser General Public License version 3
  16 +# along with this program; if not, see <http://www.gnu.org/licenses/>
  17 +# or write to the Free Software Foundation, Inc., 51 Franklin Street,
  18 +# Fifth Floor, Boston, MA 02110-1301, USA.
  19 +# ----------------------------------------------------------------------------
  20 +# Este arquivo é parte do Framework Demoiselle.
  21 +#
  22 +# O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  23 +# modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  24 +# do Software Livre (FSF).
  25 +#
  26 +# Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  27 +# GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  28 +# APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  29 +# para maiores detalhes.
  30 +#
  31 +# Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  32 +# "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  33 +# ou escreva para a Fundação do Software Livre (FSF) Inc.,
  34 +# 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  35 +
  36 +frameworkdemoiselle.security.authorizer.class=security.authorization.custom.CustomAuthorizer
0 \ No newline at end of file 37 \ No newline at end of file