Download as
Browse Code »

Commit 7b42d818ec0c02e1f830a39d90f011ce827b2866

Authored by Emerson Oliveira
1 parent 1fac2c53
Exists in master

Refatoração e adição de testes para o RequiredPermissionInterceptor

Showing 6 changed files with 241 additions and 174 deletions   Show diff stats
impl/core/src/test/java/security/interceptor/requiredpermission/CustomAuthorizer2.java
View file @1fac2c5
... ... @@ -1,57 +0,0 @@
1   -/*
2   - * Demoiselle Framework
3   - * Copyright (C) 2010 SERPRO
4   - * ----------------------------------------------------------------------------
5   - * This file is part of Demoiselle Framework.
6   - *
7   - * Demoiselle Framework is free software; you can redistribute it and/or
8   - * modify it under the terms of the GNU Lesser General Public License version 3
9   - * as published by the Free Software Foundation.
10   - *
11   - * This program is distributed in the hope that it will be useful,
12   - * but WITHOUT ANY WARRANTY; without even the implied warranty of
13   - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14   - * GNU General Public License for more details.
15   - *
16   - * You should have received a copy of the GNU Lesser General Public License version 3
17   - * along with this program; if not, see <http://www.gnu.org/licenses/>
18   - * or write to the Free Software Foundation, Inc., 51 Franklin Street,
19   - * Fifth Floor, Boston, MA 02110-1301, USA.
20   - * ----------------------------------------------------------------------------
21   - * Este arquivo é parte do Framework Demoiselle.
22   - *
23   - * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
24   - * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
25   - * do Software Livre (FSF).
26   - *
27   - * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
28   - * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
29   - * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
30   - * para maiores detalhes.
31   - *
32   - * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
33   - * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
34   - * ou escreva para a Fundação do Software Livre (FSF) Inc.,
35   - * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
36   - */
37   -package security.interceptor.requiredpermission;
38   -
39   -import br.gov.frameworkdemoiselle.security.Authorizer;
40   -
41   -public class CustomAuthorizer2 implements Authorizer {
42   -
43   - private static final long serialVersionUID = 1L;
44   -
45   - @Override
46   - public boolean hasRole(String role) {
47   - return "role".equals(role);
48   - }
49   -
50   - @Override
51   - public boolean hasPermission(String resource, String operation) {
52   - System.out.println("###" + resource + " " + operation + "###");
53   - return "DummyProtectedClassAuthorizedWithoutParams$Proxy$_$$_WeldSubclass".equals(resource)
54   - && ("setDummyAttrib".equals(operation) || "getDummyAttrib".equals(operation));
55   - }
56   -
57   -}
impl/core/src/test/java/security/interceptor/requiredpermission/CustomAuthorizerClassAndMethod.java 0 → 100644
  Diff comments   View file @7b42d81
... ... @@ -0,0 +1,56 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.interceptor.requiredpermission;
  38 +
  39 +import br.gov.frameworkdemoiselle.security.Authorizer;
  40 +
  41 +public class CustomAuthorizerClassAndMethod implements Authorizer {
  42 +
  43 + private static final long serialVersionUID = 1L;
  44 +
  45 + @Override
  46 + public boolean hasRole(String role) {
  47 + return "role".equals(role);
  48 + }
  49 +
  50 + @Override
  51 + public boolean hasPermission(String resource, String operation) {
  52 + return "DummyProtectedClassAuthorizedWithoutParams$Proxy$_$$_WeldSubclass".equals(resource)
  53 + && ("setDummyAttrib".equals(operation) || "getDummyAttrib".equals(operation));
  54 + }
  55 +
  56 +}
... ...
impl/core/src/test/java/security/interceptor/requiredpermission/RequiredPermissionInterceptorTest.java
  Diff comments   View file @7b42d81
... ... @@ -46,7 +46,6 @@ import org.jboss.arquillian.junit.Arquillian;
46 46 import org.jboss.shrinkwrap.api.spec.JavaArchive;
47 47 import org.junit.After;
48 48 import org.junit.Before;
49   -import org.junit.Ignore;
50 49 import org.junit.Test;
51 50 import org.junit.runner.RunWith;
52 51  
... ... @@ -62,13 +61,13 @@ public class RequiredPermissionInterceptorTest {
62 61  
63 62 @Inject
64 63 private DummyProtectedClassAuthorized protectedClassAuthorized;
65   -
  64 +
66 65 @Inject
67 66 private DummyProtectedClassUnauthorized protectedClassUnAuthorized;
68 67  
69 68 @Inject
70 69 private DummyProtectedMethods protectedMethods;
71   -
  70 +
72 71 @Inject
73 72 private DummyProtectedClassAndMethod protectedClassAndMethod;
74 73  
... ... @@ -91,11 +90,11 @@ public class RequiredPermissionInterceptorTest {
91 90 public void activeContext() {
92 91 SessionContext sessionContext = Beans.getReference(SessionContext.class);
93 92 sessionContext.activate();
94   -
  93 +
95 94 securityContext.login();
96 95 }
97 96  
98   - @Test(expected=AuthorizationException.class)
  97 + @Test(expected = AuthorizationException.class)
99 98 public void callProtectedClassAttribNotAuthorized() {
100 99 protectedClassUnAuthorized.getDummyAttrib();
101 100 }
... ... @@ -106,37 +105,35 @@ public class RequiredPermissionInterceptorTest {
106 105 assertEquals("Test", protectedClassAuthorized.getDummyAttrib());
107 106 }
108 107  
109   - @Test(expected=AuthorizationException.class)
110   - public void callProtectedMethodNotAuthorized(){
  108 + @Test(expected = AuthorizationException.class)
  109 + public void callProtectedMethodNotAuthorized() {
111 110 protectedMethods.setDummyAttribUnauthorized("Not Authorized");
112 111 }
113   -
  112 +
114 113 @Test
115   - public void callProtectedMethodAuthorized(){
  114 + public void callProtectedMethodAuthorized() {
116 115 protectedMethods.setDummyAttribAuthorized("Authorized");
117 116 assertEquals("Authorized", protectedMethods.getDummyAttrib());
118 117 }
119   -
  118 +
120 119 /**
121 120 * This test aim to verify the priority of method authorization over class authorization
122 121 */
123 122 @Test
124   - public void callNotAnnotatedMethod(){
125   - try{
  123 + public void callNotAnnotatedMethod() {
  124 + try {
126 125 protectedClassAndMethod.setDummyAttribWithClassAuthorization("Class not authorized");
127 126 fail();
128   - }catch(AuthorizationException cause){
  127 + } catch (AuthorizationException cause) {
129 128 }
130   -
  129 +
131 130 protectedClassAndMethod.setDummyAttribWithAuthorization("Method authorized");
132 131 }
133   -
134   -
135   -
  132 +
136 133 @After
137 134 public void deactiveContext() {
138 135 securityContext.logout();
139   -
  136 +
140 137 SessionContext ctx = Beans.getReference(SessionContext.class);
141 138 ctx.deactivate();
142 139 }
... ...
impl/core/src/test/java/security/interceptor/requiredpermission/RequiredPermissionInterceptorTest2.java
View file @1fac2c5
... ... @@ -1,99 +0,0 @@
1   -/*
2   - * Demoiselle Framework
3   - * Copyright (C) 2010 SERPRO
4   - * ----------------------------------------------------------------------------
5   - * This file is part of Demoiselle Framework.
6   - *
7   - * Demoiselle Framework is free software; you can redistribute it and/or
8   - * modify it under the terms of the GNU Lesser General Public License version 3
9   - * as published by the Free Software Foundation.
10   - *
11   - * This program is distributed in the hope that it will be useful,
12   - * but WITHOUT ANY WARRANTY; without even the implied warranty of
13   - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14   - * GNU General Public License for more details.
15   - *
16   - * You should have received a copy of the GNU Lesser General Public License version 3
17   - * along with this program; if not, see <http://www.gnu.org/licenses/>
18   - * or write to the Free Software Foundation, Inc., 51 Franklin Street,
19   - * Fifth Floor, Boston, MA 02110-1301, USA.
20   - * ----------------------------------------------------------------------------
21   - * Este arquivo é parte do Framework Demoiselle.
22   - *
23   - * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
24   - * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
25   - * do Software Livre (FSF).
26   - *
27   - * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
28   - * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
29   - * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
30   - * para maiores detalhes.
31   - *
32   - * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
33   - * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
34   - * ou escreva para a Fundação do Software Livre (FSF) Inc.,
35   - * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
36   - */
37   -package security.interceptor.requiredpermission;
38   -
39   -import static junit.framework.Assert.assertEquals;
40   -import static org.junit.Assert.fail;
41   -
42   -import javax.inject.Inject;
43   -
44   -import org.jboss.arquillian.container.test.api.Deployment;
45   -import org.jboss.arquillian.junit.Arquillian;
46   -import org.jboss.shrinkwrap.api.spec.JavaArchive;
47   -import org.junit.After;
48   -import org.junit.Before;
49   -import org.junit.Ignore;
50   -import org.junit.Test;
51   -import org.junit.runner.RunWith;
52   -
53   -import security.interceptor.loggedin.CustomAuthenticator;
54   -import test.Tests;
55   -import br.gov.frameworkdemoiselle.context.SessionContext;
56   -import br.gov.frameworkdemoiselle.security.AuthorizationException;
57   -import br.gov.frameworkdemoiselle.security.SecurityContext;
58   -import br.gov.frameworkdemoiselle.util.Beans;
59   -
60   -@RunWith(Arquillian.class)
61   -public class RequiredPermissionInterceptorTest2 {
62   -
63   - @Inject
64   - private DummyProtectedClassAuthorizedWithoutParams protectedClassAuthorizedWithoutParams;
65   -
66   - @Inject
67   - private SecurityContext securityContext;
68   -
69   - @Deployment
70   - public static JavaArchive createDeployment() {
71   - JavaArchive deployment = Tests.createDeployment();
72   - deployment.addClass(DummyProtectedClassAuthorizedWithoutParams.class);
73   - deployment.addClass(CustomAuthenticator.class);
74   - deployment.addClass(CustomAuthorizer2.class);
75   - return deployment;
76   - }
77   -
78   - @Before
79   - public void activeContext() {
80   - SessionContext sessionContext = Beans.getReference(SessionContext.class);
81   - sessionContext.activate();
82   -
83   - securityContext.login();
84   - }
85   -
86   - @Test
87   - public void callProtectedClassAttribNotAuthorized() {
88   - protectedClassAuthorizedWithoutParams.setDummyAttrib("Test");
89   - assertEquals("Test", protectedClassAuthorizedWithoutParams.getDummyAttrib());
90   - }
91   -
92   - @After
93   - public void deactiveContext() {
94   - securityContext.logout();
95   -
96   - SessionContext ctx = Beans.getReference(SessionContext.class);
97   - ctx.deactivate();
98   - }
99   -}
impl/core/src/test/java/security/interceptor/requiredpermission/RequiredPermissionInterceptorWithoutLoggedInTest.java 0 → 100644
  Diff comments   View file @7b42d81
... ... @@ -0,0 +1,74 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.interceptor.requiredpermission;
  38 +
  39 +import static org.junit.Assert.fail;
  40 +
  41 +import javax.inject.Inject;
  42 +
  43 +import org.jboss.arquillian.container.test.api.Deployment;
  44 +import org.jboss.arquillian.junit.Arquillian;
  45 +import org.jboss.shrinkwrap.api.spec.JavaArchive;
  46 +import org.junit.Test;
  47 +import org.junit.runner.RunWith;
  48 +
  49 +import security.athentication.custom.CustomAuthenticator;
  50 +import test.Tests;
  51 +import br.gov.frameworkdemoiselle.security.NotLoggedInException;
  52 +
  53 +@RunWith(Arquillian.class)
  54 +public class RequiredPermissionInterceptorWithoutLoggedInTest {
  55 +
  56 + @Inject
  57 + private DummyProtectedClassAuthorized protectedClassAuthorized;
  58 +
  59 + @Deployment
  60 + public static JavaArchive createDeployment() {
  61 + JavaArchive deployment = Tests.createDeployment();
  62 + deployment.addClass(CustomAuthenticator.class);
  63 + deployment.addClass(CustomAuthorizer.class);
  64 + deployment.addClass(DummyProtectedClassAuthorized.class);
  65 + return deployment;
  66 + }
  67 +
  68 + @Test(expected = NotLoggedInException.class)
  69 + public void correctRoleOnClass() {
  70 + protectedClassAuthorized.setDummyAttrib("Not LoggedIn");
  71 + fail();
  72 + }
  73 +
  74 +}
... ...
impl/core/src/test/java/security/interceptor/requiredpermission/RequiredPermissionInterceptorWithoutParamTest.java 0 → 100644
  Diff comments   View file @7b42d81
... ... @@ -0,0 +1,96 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.interceptor.requiredpermission;
  38 +
  39 +import static junit.framework.Assert.assertEquals;
  40 +
  41 +import javax.inject.Inject;
  42 +
  43 +import org.jboss.arquillian.container.test.api.Deployment;
  44 +import org.jboss.arquillian.junit.Arquillian;
  45 +import org.jboss.shrinkwrap.api.spec.JavaArchive;
  46 +import org.junit.After;
  47 +import org.junit.Before;
  48 +import org.junit.Test;
  49 +import org.junit.runner.RunWith;
  50 +
  51 +import security.interceptor.loggedin.CustomAuthenticator;
  52 +import test.Tests;
  53 +import br.gov.frameworkdemoiselle.context.SessionContext;
  54 +import br.gov.frameworkdemoiselle.security.SecurityContext;
  55 +import br.gov.frameworkdemoiselle.util.Beans;
  56 +
  57 +@RunWith(Arquillian.class)
  58 +public class RequiredPermissionInterceptorWithoutParamTest {
  59 +
  60 + @Inject
  61 + private DummyProtectedClassAuthorizedWithoutParams protectedClassAuthorizedWithoutParams;
  62 +
  63 + @Inject
  64 + private SecurityContext securityContext;
  65 +
  66 + @Deployment
  67 + public static JavaArchive createDeployment() {
  68 + JavaArchive deployment = Tests.createDeployment();
  69 + deployment.addClass(DummyProtectedClassAuthorizedWithoutParams.class);
  70 + deployment.addClass(CustomAuthenticator.class);
  71 + deployment.addClass(CustomAuthorizerClassAndMethod.class);
  72 + return deployment;
  73 + }
  74 +
  75 + @Before
  76 + public void activeContext() {
  77 + SessionContext sessionContext = Beans.getReference(SessionContext.class);
  78 + sessionContext.activate();
  79 +
  80 + securityContext.login();
  81 + }
  82 +
  83 + @Test
  84 + public void callProtectedClassAttribNotAuthorized() {
  85 + protectedClassAuthorizedWithoutParams.setDummyAttrib("Test");
  86 + assertEquals("Test", protectedClassAuthorizedWithoutParams.getDummyAttrib());
  87 + }
  88 +
  89 + @After
  90 + public void deactiveContext() {
  91 + securityContext.logout();
  92 +
  93 + SessionContext ctx = Beans.getReference(SessionContext.class);
  94 + ctx.deactivate();
  95 + }
  96 +}
... ...