Download as
Browse Code »

Commit c24706147f01c953709caa6385e248f6e9145339

Authored by Dancovich
2 parents b1d017ee 7b42d818
Exists in master

Merge remote-tracking branch 'origin/2.4.0' into 2.4.0

Showing 18 changed files with 930 additions and 196 deletions   Show diff stats
impl/core/src/main/java/br/gov/frameworkdemoiselle/security/RequiredPermissionInterceptor.java
  Diff comments   View file @c247061
@@ -85,7 +85,7 @@ public class RequiredPermissionInterceptor implements Serializable { @@ -85,7 +85,7 @@ public class RequiredPermissionInterceptor implements Serializable {
85 String username = null; 85 String username = null;
86 86
87 if (getSecurityContext().isLoggedIn()) { 87 if (getSecurityContext().isLoggedIn()) {
88 - username = getUsername(); 88 + username = getSecurityContext().getUser().getId();
89 getLogger().trace(getBundle().getString("access-checking", username, operation, resource)); 89 getLogger().trace(getBundle().getString("access-checking", username, operation, resource));
90 } 90 }
91 91
@@ -99,22 +99,6 @@ public class RequiredPermissionInterceptor implements Serializable { @@ -99,22 +99,6 @@ public class RequiredPermissionInterceptor implements Serializable {
99 } 99 }
100 100
101 /** 101 /**
102 - * Returns the id of the currently logged in user.  
103 - *  
104 - * @return the id of the currently logged in user  
105 - */  
106 - private String getUsername() {  
107 - String username = "";  
108 - User user = getSecurityContext().getUser();  
109 -  
110 - if (user != null && user.getId() != null) {  
111 - username = user.getId();  
112 - }  
113 -  
114 - return username;  
115 - }  
116 -  
117 - /**  
118 * Returns the resource defined in {@code @RequiredPermission} annotation, the name defined in {@code @Name} 102 * Returns the resource defined in {@code @RequiredPermission} annotation, the name defined in {@code @Name}
119 * annotation or the class name itself 103 * annotation or the class name itself
120 * 104 *
@@ -131,7 +115,7 @@ public class RequiredPermissionInterceptor implements Serializable { @@ -131,7 +115,7 @@ public class RequiredPermissionInterceptor implements Serializable {
131 requiredPermission = ic.getTarget().getClass().getAnnotation(RequiredPermission.class); 115 requiredPermission = ic.getTarget().getClass().getAnnotation(RequiredPermission.class);
132 } 116 }
133 117
134 - if (requiredPermission == null || Strings.isEmpty(requiredPermission.resource())) { 118 + if (Strings.isEmpty(requiredPermission.resource())) {
135 if (ic.getTarget().getClass().getAnnotation(Name.class) == null) { 119 if (ic.getTarget().getClass().getAnnotation(Name.class) == null) {
136 return ic.getTarget().getClass().getSimpleName(); 120 return ic.getTarget().getClass().getSimpleName();
137 } else { 121 } else {
@@ -159,7 +143,7 @@ public class RequiredPermissionInterceptor implements Serializable { @@ -159,7 +143,7 @@ public class RequiredPermissionInterceptor implements Serializable {
159 requiredPermission = ic.getTarget().getClass().getAnnotation(RequiredPermission.class); 143 requiredPermission = ic.getTarget().getClass().getAnnotation(RequiredPermission.class);
160 } 144 }
161 145
162 - if (requiredPermission == null || Strings.isEmpty(requiredPermission.operation())) { 146 + if (Strings.isEmpty(requiredPermission.operation())) {
163 if (ic.getMethod().getAnnotation(Name.class) == null) { 147 if (ic.getMethod().getAnnotation(Name.class) == null) {
164 return ic.getMethod().getName(); 148 return ic.getMethod().getName();
165 } else { 149 } else {
impl/core/src/main/java/br/gov/frameworkdemoiselle/security/RequiredRoleInterceptor.java
  Diff comments   View file @c247061
@@ -121,9 +121,7 @@ public class RequiredRoleInterceptor implements Serializable { @@ -121,9 +121,7 @@ public class RequiredRoleInterceptor implements Serializable {
121 String[] roles = {}; 121 String[] roles = {};
122 122
123 if (ic.getMethod().getAnnotation(RequiredRole.class) == null) { 123 if (ic.getMethod().getAnnotation(RequiredRole.class) == null) {
124 - if (ic.getTarget().getClass().getAnnotation(RequiredRole.class) != null) {  
125 - roles = ic.getTarget().getClass().getAnnotation(RequiredRole.class).value();  
126 - } 124 + roles = ic.getTarget().getClass().getAnnotation(RequiredRole.class).value();
127 } else { 125 } else {
128 roles = ic.getMethod().getAnnotation(RequiredRole.class).value(); 126 roles = ic.getMethod().getAnnotation(RequiredRole.class).value();
129 } 127 }
impl/core/src/test/java/security/interceptor/requiredpermission/CustomAuthorizer2.java
View file @b1d017e
@@ -1,57 +0,0 @@ @@ -1,57 +0,0 @@
1 -/*  
2 - * Demoiselle Framework  
3 - * Copyright (C) 2010 SERPRO  
4 - * ----------------------------------------------------------------------------  
5 - * This file is part of Demoiselle Framework.  
6 - *  
7 - * Demoiselle Framework is free software; you can redistribute it and/or  
8 - * modify it under the terms of the GNU Lesser General Public License version 3  
9 - * as published by the Free Software Foundation.  
10 - *  
11 - * This program is distributed in the hope that it will be useful,  
12 - * but WITHOUT ANY WARRANTY; without even the implied warranty of  
13 - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  
14 - * GNU General Public License for more details.  
15 - *  
16 - * You should have received a copy of the GNU Lesser General Public License version 3  
17 - * along with this program; if not, see <http://www.gnu.org/licenses/>  
18 - * or write to the Free Software Foundation, Inc., 51 Franklin Street,  
19 - * Fifth Floor, Boston, MA 02110-1301, USA.  
20 - * ----------------------------------------------------------------------------  
21 - * Este arquivo é parte do Framework Demoiselle.  
22 - *  
23 - * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou  
24 - * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação  
25 - * do Software Livre (FSF).  
26 - *  
27 - * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA  
28 - * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou  
29 - * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português  
30 - * para maiores detalhes.  
31 - *  
32 - * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título  
33 - * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>  
34 - * ou escreva para a Fundação do Software Livre (FSF) Inc.,  
35 - * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.  
36 - */  
37 -package security.interceptor.requiredpermission;  
38 -  
39 -import br.gov.frameworkdemoiselle.security.Authorizer;  
40 -  
41 -public class CustomAuthorizer2 implements Authorizer {  
42 -  
43 - private static final long serialVersionUID = 1L;  
44 -  
45 - @Override  
46 - public boolean hasRole(String role) {  
47 - return "role".equals(role);  
48 - }  
49 -  
50 - @Override  
51 - public boolean hasPermission(String resource, String operation) {  
52 - System.out.println("###" + resource + " " + operation + "###");  
53 - return "DummyProtectedClassAuthorizedWithoutParams$Proxy$_$$_WeldSubclass".equals(resource)  
54 - && ("setDummyAttrib".equals(operation) || "getDummyAttrib".equals(operation));  
55 - }  
56 -  
57 -}  
impl/core/src/test/java/security/interceptor/requiredpermission/CustomAuthorizerClassAndMethod.java 0 → 100644
  Diff comments   View file @c247061
@@ -0,0 +1,56 @@ @@ -0,0 +1,56 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.interceptor.requiredpermission;
  38 +
  39 +import br.gov.frameworkdemoiselle.security.Authorizer;
  40 +
  41 +public class CustomAuthorizerClassAndMethod implements Authorizer {
  42 +
  43 + private static final long serialVersionUID = 1L;
  44 +
  45 + @Override
  46 + public boolean hasRole(String role) {
  47 + return "role".equals(role);
  48 + }
  49 +
  50 + @Override
  51 + public boolean hasPermission(String resource, String operation) {
  52 + return "DummyProtectedClassAuthorizedWithoutParams$Proxy$_$$_WeldSubclass".equals(resource)
  53 + && ("setDummyAttrib".equals(operation) || "getDummyAttrib".equals(operation));
  54 + }
  55 +
  56 +}
impl/core/src/test/java/security/interceptor/requiredpermission/RequiredPermissionInterceptorTest.java
  Diff comments   View file @c247061
@@ -46,7 +46,6 @@ import org.jboss.arquillian.junit.Arquillian; @@ -46,7 +46,6 @@ import org.jboss.arquillian.junit.Arquillian;
46 import org.jboss.shrinkwrap.api.spec.JavaArchive; 46 import org.jboss.shrinkwrap.api.spec.JavaArchive;
47 import org.junit.After; 47 import org.junit.After;
48 import org.junit.Before; 48 import org.junit.Before;
49 -import org.junit.Ignore;  
50 import org.junit.Test; 49 import org.junit.Test;
51 import org.junit.runner.RunWith; 50 import org.junit.runner.RunWith;
52 51
@@ -62,13 +61,13 @@ public class RequiredPermissionInterceptorTest { @@ -62,13 +61,13 @@ public class RequiredPermissionInterceptorTest {
62 61
63 @Inject 62 @Inject
64 private DummyProtectedClassAuthorized protectedClassAuthorized; 63 private DummyProtectedClassAuthorized protectedClassAuthorized;
65 - 64 +
66 @Inject 65 @Inject
67 private DummyProtectedClassUnauthorized protectedClassUnAuthorized; 66 private DummyProtectedClassUnauthorized protectedClassUnAuthorized;
68 67
69 @Inject 68 @Inject
70 private DummyProtectedMethods protectedMethods; 69 private DummyProtectedMethods protectedMethods;
71 - 70 +
72 @Inject 71 @Inject
73 private DummyProtectedClassAndMethod protectedClassAndMethod; 72 private DummyProtectedClassAndMethod protectedClassAndMethod;
74 73
@@ -91,11 +90,11 @@ public class RequiredPermissionInterceptorTest { @@ -91,11 +90,11 @@ public class RequiredPermissionInterceptorTest {
91 public void activeContext() { 90 public void activeContext() {
92 SessionContext sessionContext = Beans.getReference(SessionContext.class); 91 SessionContext sessionContext = Beans.getReference(SessionContext.class);
93 sessionContext.activate(); 92 sessionContext.activate();
94 - 93 +
95 securityContext.login(); 94 securityContext.login();
96 } 95 }
97 96
98 - @Test(expected=AuthorizationException.class) 97 + @Test(expected = AuthorizationException.class)
99 public void callProtectedClassAttribNotAuthorized() { 98 public void callProtectedClassAttribNotAuthorized() {
100 protectedClassUnAuthorized.getDummyAttrib(); 99 protectedClassUnAuthorized.getDummyAttrib();
101 } 100 }
@@ -106,37 +105,35 @@ public class RequiredPermissionInterceptorTest { @@ -106,37 +105,35 @@ public class RequiredPermissionInterceptorTest {
106 assertEquals("Test", protectedClassAuthorized.getDummyAttrib()); 105 assertEquals("Test", protectedClassAuthorized.getDummyAttrib());
107 } 106 }
108 107
109 - @Test(expected=AuthorizationException.class)  
110 - public void callProtectedMethodNotAuthorized(){ 108 + @Test(expected = AuthorizationException.class)
  109 + public void callProtectedMethodNotAuthorized() {
111 protectedMethods.setDummyAttribUnauthorized("Not Authorized"); 110 protectedMethods.setDummyAttribUnauthorized("Not Authorized");
112 } 111 }
113 - 112 +
114 @Test 113 @Test
115 - public void callProtectedMethodAuthorized(){ 114 + public void callProtectedMethodAuthorized() {
116 protectedMethods.setDummyAttribAuthorized("Authorized"); 115 protectedMethods.setDummyAttribAuthorized("Authorized");
117 assertEquals("Authorized", protectedMethods.getDummyAttrib()); 116 assertEquals("Authorized", protectedMethods.getDummyAttrib());
118 } 117 }
119 - 118 +
120 /** 119 /**
121 * This test aim to verify the priority of method authorization over class authorization 120 * This test aim to verify the priority of method authorization over class authorization
122 */ 121 */
123 @Test 122 @Test
124 - public void callNotAnnotatedMethod(){  
125 - try{ 123 + public void callNotAnnotatedMethod() {
  124 + try {
126 protectedClassAndMethod.setDummyAttribWithClassAuthorization("Class not authorized"); 125 protectedClassAndMethod.setDummyAttribWithClassAuthorization("Class not authorized");
127 fail(); 126 fail();
128 - }catch(AuthorizationException cause){ 127 + } catch (AuthorizationException cause) {
129 } 128 }
130 - 129 +
131 protectedClassAndMethod.setDummyAttribWithAuthorization("Method authorized"); 130 protectedClassAndMethod.setDummyAttribWithAuthorization("Method authorized");
132 } 131 }
133 -  
134 -  
135 - 132 +
136 @After 133 @After
137 public void deactiveContext() { 134 public void deactiveContext() {
138 securityContext.logout(); 135 securityContext.logout();
139 - 136 +
140 SessionContext ctx = Beans.getReference(SessionContext.class); 137 SessionContext ctx = Beans.getReference(SessionContext.class);
141 ctx.deactivate(); 138 ctx.deactivate();
142 } 139 }
impl/core/src/test/java/security/interceptor/requiredpermission/RequiredPermissionInterceptorTest2.java
View file @b1d017e
@@ -1,99 +0,0 @@ @@ -1,99 +0,0 @@
1 -/*  
2 - * Demoiselle Framework  
3 - * Copyright (C) 2010 SERPRO  
4 - * ----------------------------------------------------------------------------  
5 - * This file is part of Demoiselle Framework.  
6 - *  
7 - * Demoiselle Framework is free software; you can redistribute it and/or  
8 - * modify it under the terms of the GNU Lesser General Public License version 3  
9 - * as published by the Free Software Foundation.  
10 - *  
11 - * This program is distributed in the hope that it will be useful,  
12 - * but WITHOUT ANY WARRANTY; without even the implied warranty of  
13 - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  
14 - * GNU General Public License for more details.  
15 - *  
16 - * You should have received a copy of the GNU Lesser General Public License version 3  
17 - * along with this program; if not, see <http://www.gnu.org/licenses/>  
18 - * or write to the Free Software Foundation, Inc., 51 Franklin Street,  
19 - * Fifth Floor, Boston, MA 02110-1301, USA.  
20 - * ----------------------------------------------------------------------------  
21 - * Este arquivo é parte do Framework Demoiselle.  
22 - *  
23 - * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou  
24 - * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação  
25 - * do Software Livre (FSF).  
26 - *  
27 - * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA  
28 - * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou  
29 - * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português  
30 - * para maiores detalhes.  
31 - *  
32 - * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título  
33 - * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>  
34 - * ou escreva para a Fundação do Software Livre (FSF) Inc.,  
35 - * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.  
36 - */  
37 -package security.interceptor.requiredpermission;  
38 -  
39 -import static junit.framework.Assert.assertEquals;  
40 -import static org.junit.Assert.fail;  
41 -  
42 -import javax.inject.Inject;  
43 -  
44 -import org.jboss.arquillian.container.test.api.Deployment;  
45 -import org.jboss.arquillian.junit.Arquillian;  
46 -import org.jboss.shrinkwrap.api.spec.JavaArchive;  
47 -import org.junit.After;  
48 -import org.junit.Before;  
49 -import org.junit.Ignore;  
50 -import org.junit.Test;  
51 -import org.junit.runner.RunWith;  
52 -  
53 -import security.interceptor.loggedin.CustomAuthenticator;  
54 -import test.Tests;  
55 -import br.gov.frameworkdemoiselle.context.SessionContext;  
56 -import br.gov.frameworkdemoiselle.security.AuthorizationException;  
57 -import br.gov.frameworkdemoiselle.security.SecurityContext;  
58 -import br.gov.frameworkdemoiselle.util.Beans;  
59 -  
60 -@RunWith(Arquillian.class)  
61 -public class RequiredPermissionInterceptorTest2 {  
62 -  
63 - @Inject  
64 - private DummyProtectedClassAuthorizedWithoutParams protectedClassAuthorizedWithoutParams;  
65 -  
66 - @Inject  
67 - private SecurityContext securityContext;  
68 -  
69 - @Deployment  
70 - public static JavaArchive createDeployment() {  
71 - JavaArchive deployment = Tests.createDeployment();  
72 - deployment.addClass(DummyProtectedClassAuthorizedWithoutParams.class);  
73 - deployment.addClass(CustomAuthenticator.class);  
74 - deployment.addClass(CustomAuthorizer2.class);  
75 - return deployment;  
76 - }  
77 -  
78 - @Before  
79 - public void activeContext() {  
80 - SessionContext sessionContext = Beans.getReference(SessionContext.class);  
81 - sessionContext.activate();  
82 -  
83 - securityContext.login();  
84 - }  
85 -  
86 - @Test  
87 - public void callProtectedClassAttribNotAuthorized() {  
88 - protectedClassAuthorizedWithoutParams.setDummyAttrib("Test");  
89 - assertEquals("Test", protectedClassAuthorizedWithoutParams.getDummyAttrib());  
90 - }  
91 -  
92 - @After  
93 - public void deactiveContext() {  
94 - securityContext.logout();  
95 -  
96 - SessionContext ctx = Beans.getReference(SessionContext.class);  
97 - ctx.deactivate();  
98 - }  
99 -}  
impl/core/src/test/java/security/interceptor/requiredpermission/RequiredPermissionInterceptorWithoutLoggedInTest.java 0 → 100644
  Diff comments   View file @c247061
@@ -0,0 +1,74 @@ @@ -0,0 +1,74 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.interceptor.requiredpermission;
  38 +
  39 +import static org.junit.Assert.fail;
  40 +
  41 +import javax.inject.Inject;
  42 +
  43 +import org.jboss.arquillian.container.test.api.Deployment;
  44 +import org.jboss.arquillian.junit.Arquillian;
  45 +import org.jboss.shrinkwrap.api.spec.JavaArchive;
  46 +import org.junit.Test;
  47 +import org.junit.runner.RunWith;
  48 +
  49 +import security.athentication.custom.CustomAuthenticator;
  50 +import test.Tests;
  51 +import br.gov.frameworkdemoiselle.security.NotLoggedInException;
  52 +
  53 +@RunWith(Arquillian.class)
  54 +public class RequiredPermissionInterceptorWithoutLoggedInTest {
  55 +
  56 + @Inject
  57 + private DummyProtectedClassAuthorized protectedClassAuthorized;
  58 +
  59 + @Deployment
  60 + public static JavaArchive createDeployment() {
  61 + JavaArchive deployment = Tests.createDeployment();
  62 + deployment.addClass(CustomAuthenticator.class);
  63 + deployment.addClass(CustomAuthorizer.class);
  64 + deployment.addClass(DummyProtectedClassAuthorized.class);
  65 + return deployment;
  66 + }
  67 +
  68 + @Test(expected = NotLoggedInException.class)
  69 + public void correctRoleOnClass() {
  70 + protectedClassAuthorized.setDummyAttrib("Not LoggedIn");
  71 + fail();
  72 + }
  73 +
  74 +}
impl/core/src/test/java/security/interceptor/requiredpermission/RequiredPermissionInterceptorWithoutParamTest.java 0 → 100644
  Diff comments   View file @c247061
@@ -0,0 +1,96 @@ @@ -0,0 +1,96 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.interceptor.requiredpermission;
  38 +
  39 +import static junit.framework.Assert.assertEquals;
  40 +
  41 +import javax.inject.Inject;
  42 +
  43 +import org.jboss.arquillian.container.test.api.Deployment;
  44 +import org.jboss.arquillian.junit.Arquillian;
  45 +import org.jboss.shrinkwrap.api.spec.JavaArchive;
  46 +import org.junit.After;
  47 +import org.junit.Before;
  48 +import org.junit.Test;
  49 +import org.junit.runner.RunWith;
  50 +
  51 +import security.interceptor.loggedin.CustomAuthenticator;
  52 +import test.Tests;
  53 +import br.gov.frameworkdemoiselle.context.SessionContext;
  54 +import br.gov.frameworkdemoiselle.security.SecurityContext;
  55 +import br.gov.frameworkdemoiselle.util.Beans;
  56 +
  57 +@RunWith(Arquillian.class)
  58 +public class RequiredPermissionInterceptorWithoutParamTest {
  59 +
  60 + @Inject
  61 + private DummyProtectedClassAuthorizedWithoutParams protectedClassAuthorizedWithoutParams;
  62 +
  63 + @Inject
  64 + private SecurityContext securityContext;
  65 +
  66 + @Deployment
  67 + public static JavaArchive createDeployment() {
  68 + JavaArchive deployment = Tests.createDeployment();
  69 + deployment.addClass(DummyProtectedClassAuthorizedWithoutParams.class);
  70 + deployment.addClass(CustomAuthenticator.class);
  71 + deployment.addClass(CustomAuthorizerClassAndMethod.class);
  72 + return deployment;
  73 + }
  74 +
  75 + @Before
  76 + public void activeContext() {
  77 + SessionContext sessionContext = Beans.getReference(SessionContext.class);
  78 + sessionContext.activate();
  79 +
  80 + securityContext.login();
  81 + }
  82 +
  83 + @Test
  84 + public void callProtectedClassAttribNotAuthorized() {
  85 + protectedClassAuthorizedWithoutParams.setDummyAttrib("Test");
  86 + assertEquals("Test", protectedClassAuthorizedWithoutParams.getDummyAttrib());
  87 + }
  88 +
  89 + @After
  90 + public void deactiveContext() {
  91 + securityContext.logout();
  92 +
  93 + SessionContext ctx = Beans.getReference(SessionContext.class);
  94 + ctx.deactivate();
  95 + }
  96 +}
impl/core/src/test/java/security/interceptor/requiredrole/ClassAndMethodWithRole.java 0 → 100644
  Diff comments   View file @c247061
@@ -0,0 +1,55 @@ @@ -0,0 +1,55 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.interceptor.requiredrole;
  38 +
  39 +import br.gov.frameworkdemoiselle.security.RequiredRole;
  40 +
  41 +@RequiredRole("role1")
  42 +public class ClassAndMethodWithRole {
  43 +
  44 + private String attr;
  45 +
  46 + public String getAttr() {
  47 + return attr;
  48 + }
  49 +
  50 + @RequiredRole("role2")
  51 + public void setAttr(String attr) {
  52 + this.attr = attr;
  53 + }
  54 +
  55 +}
impl/core/src/test/java/security/interceptor/requiredrole/ClassWithCorrectRole.java 0 → 100644
  Diff comments   View file @c247061
@@ -0,0 +1,54 @@ @@ -0,0 +1,54 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.interceptor.requiredrole;
  38 +
  39 +import br.gov.frameworkdemoiselle.security.RequiredRole;
  40 +
  41 +@RequiredRole("role")
  42 +public class ClassWithCorrectRole {
  43 +
  44 + private String attr;
  45 +
  46 + public String getAttr() {
  47 + return attr;
  48 + }
  49 +
  50 + public void setAttr(String attr) {
  51 + this.attr = attr;
  52 + }
  53 +
  54 +}
impl/core/src/test/java/security/interceptor/requiredrole/ClassWithWrongRole.java 0 → 100644
  Diff comments   View file @c247061
@@ -0,0 +1,54 @@ @@ -0,0 +1,54 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.interceptor.requiredrole;
  38 +
  39 +import br.gov.frameworkdemoiselle.security.RequiredRole;
  40 +
  41 +@RequiredRole("other")
  42 +public class ClassWithWrongRole {
  43 +
  44 + private String attr;
  45 +
  46 + public String getAttr() {
  47 + return attr;
  48 + }
  49 +
  50 + public void setAttr(String attr) {
  51 + this.attr = attr;
  52 + }
  53 +
  54 +}
impl/core/src/test/java/security/interceptor/requiredrole/CustomAuthorizerMultipleRoles.java 0 → 100644
  Diff comments   View file @c247061
@@ -0,0 +1,55 @@ @@ -0,0 +1,55 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.interceptor.requiredrole;
  38 +
  39 +import br.gov.frameworkdemoiselle.security.Authorizer;
  40 +
  41 +public class CustomAuthorizerMultipleRoles implements Authorizer {
  42 +
  43 + private static final long serialVersionUID = 1L;
  44 +
  45 + @Override
  46 + public boolean hasRole(String role) {
  47 + return "role1".equals(role) || "role2".equals(role);
  48 + }
  49 +
  50 + @Override
  51 + public boolean hasPermission(String resource, String operation) {
  52 + return "resource".equals(resource) && "operation".equals(operation);
  53 + }
  54 +
  55 +}
impl/core/src/test/java/security/interceptor/requiredrole/CustomAuthorizerOneRole.java 0 → 100644
  Diff comments   View file @c247061
@@ -0,0 +1,55 @@ @@ -0,0 +1,55 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.interceptor.requiredrole;
  38 +
  39 +import br.gov.frameworkdemoiselle.security.Authorizer;
  40 +
  41 +public class CustomAuthorizerOneRole implements Authorizer {
  42 +
  43 + private static final long serialVersionUID = 1L;
  44 +
  45 + @Override
  46 + public boolean hasRole(String role) {
  47 + return "role".equals(role);
  48 + }
  49 +
  50 + @Override
  51 + public boolean hasPermission(String resource, String operation) {
  52 + return "resource".equals(resource) && "operation".equals(operation);
  53 + }
  54 +
  55 +}
impl/core/src/test/java/security/interceptor/requiredrole/MethodsWithRole.java 0 → 100644
  Diff comments   View file @c247061
@@ -0,0 +1,59 @@ @@ -0,0 +1,59 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.interceptor.requiredrole;
  38 +
  39 +import br.gov.frameworkdemoiselle.security.RequiredRole;
  40 +
  41 +public class MethodsWithRole {
  42 +
  43 + private String attr = "default";
  44 +
  45 + public String getAttr() {
  46 + return attr;
  47 + }
  48 +
  49 + @RequiredRole("role")
  50 + public void setAttrWithCorrectRole(String attr) {
  51 + this.attr = attr;
  52 + }
  53 +
  54 + @RequiredRole("wrong")
  55 + public void setAttrWithWrongRole(String attr) {
  56 + this.attr = attr;
  57 + }
  58 +
  59 +}
impl/core/src/test/java/security/interceptor/requiredrole/MethodsWithTwoRoles.java 0 → 100644
  Diff comments   View file @c247061
@@ -0,0 +1,54 @@ @@ -0,0 +1,54 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.interceptor.requiredrole;
  38 +
  39 +import br.gov.frameworkdemoiselle.security.RequiredRole;
  40 +
  41 +public class MethodsWithTwoRoles {
  42 +
  43 + private String attr = "default";
  44 +
  45 + public String getAttr() {
  46 + return attr;
  47 + }
  48 +
  49 + @RequiredRole({ "role1", "role2" })
  50 + public void setAttr(String attr) {
  51 + this.attr = attr;
  52 + }
  53 +
  54 +}
impl/core/src/test/java/security/interceptor/requiredrole/RequiredRoleInterceptorMultipleRoleTest.java 0 → 100644
  Diff comments   View file @c247061
@@ -0,0 +1,104 @@ @@ -0,0 +1,104 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.interceptor.requiredrole;
  38 +
  39 +import static junit.framework.Assert.assertEquals;
  40 +
  41 +import javax.inject.Inject;
  42 +
  43 +import org.jboss.arquillian.container.test.api.Deployment;
  44 +import org.jboss.arquillian.junit.Arquillian;
  45 +import org.jboss.shrinkwrap.api.spec.JavaArchive;
  46 +import org.junit.After;
  47 +import org.junit.Before;
  48 +import org.junit.Test;
  49 +import org.junit.runner.RunWith;
  50 +
  51 +import security.interceptor.loggedin.CustomAuthenticator;
  52 +import test.Tests;
  53 +import br.gov.frameworkdemoiselle.context.SessionContext;
  54 +import br.gov.frameworkdemoiselle.security.SecurityContext;
  55 +import br.gov.frameworkdemoiselle.util.Beans;
  56 +
  57 +@RunWith(Arquillian.class)
  58 +public class RequiredRoleInterceptorMultipleRoleTest {
  59 +
  60 + @Inject
  61 + private SecurityContext securityContext;
  62 +
  63 + @Inject
  64 + private ClassAndMethodWithRole classAndMethodWithRole;
  65 +
  66 + @Inject
  67 + private MethodsWithTwoRoles methodsWithTwoRoles;
  68 +
  69 + @Deployment
  70 + public static JavaArchive createDeployment() {
  71 + JavaArchive deployment = Tests.createDeployment();
  72 + deployment.addClass(ClassAndMethodWithRole.class);
  73 + deployment.addClass(MethodsWithTwoRoles.class);
  74 + deployment.addClass(CustomAuthenticator.class);
  75 + deployment.addClass(CustomAuthorizerMultipleRoles.class);
  76 + return deployment;
  77 + }
  78 +
  79 + @Before
  80 + public void activeContext() {
  81 + SessionContext sessionContext = Beans.getReference(SessionContext.class);
  82 + sessionContext.activate();
  83 + securityContext.login();
  84 + }
  85 +
  86 + @Test
  87 + public void roleOnClassAndMethod() {
  88 + classAndMethodWithRole.setAttr("new value");
  89 + assertEquals("new value", classAndMethodWithRole.getAttr());
  90 + }
  91 +
  92 + @Test
  93 + public void methosdWithTwoRoles() {
  94 + methodsWithTwoRoles.setAttr("new value");
  95 + assertEquals("new value", methodsWithTwoRoles.getAttr());
  96 + }
  97 +
  98 + @After
  99 + public void deactiveContext() {
  100 + securityContext.logout();
  101 + SessionContext ctx = Beans.getReference(SessionContext.class);
  102 + ctx.deactivate();
  103 + }
  104 +}
impl/core/src/test/java/security/interceptor/requiredrole/RequiredRoleInterceptorOneRoleTest.java 0 → 100644
  Diff comments   View file @c247061
@@ -0,0 +1,121 @@ @@ -0,0 +1,121 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.interceptor.requiredrole;
  38 +
  39 +import static junit.framework.Assert.assertEquals;
  40 +import static org.junit.Assert.fail;
  41 +
  42 +import javax.inject.Inject;
  43 +
  44 +import org.jboss.arquillian.container.test.api.Deployment;
  45 +import org.jboss.arquillian.junit.Arquillian;
  46 +import org.jboss.shrinkwrap.api.spec.JavaArchive;
  47 +import org.junit.After;
  48 +import org.junit.Before;
  49 +import org.junit.Test;
  50 +import org.junit.runner.RunWith;
  51 +
  52 +import security.interceptor.loggedin.CustomAuthenticator;
  53 +import test.Tests;
  54 +import br.gov.frameworkdemoiselle.context.SessionContext;
  55 +import br.gov.frameworkdemoiselle.security.AuthorizationException;
  56 +import br.gov.frameworkdemoiselle.security.SecurityContext;
  57 +import br.gov.frameworkdemoiselle.util.Beans;
  58 +
  59 +@RunWith(Arquillian.class)
  60 +public class RequiredRoleInterceptorOneRoleTest {
  61 +
  62 + @Inject
  63 + private SecurityContext securityContext;
  64 +
  65 + @Inject
  66 + private ClassWithWrongRole classWithWrongRole;
  67 +
  68 + @Inject
  69 + private ClassWithCorrectRole classWithCorrectRole;
  70 +
  71 + @Inject
  72 + private MethodsWithRole methodsWithRole;
  73 +
  74 + @Deployment
  75 + public static JavaArchive createDeployment() {
  76 + JavaArchive deployment = Tests.createDeployment();
  77 + deployment.addClass(ClassWithWrongRole.class);
  78 + deployment.addClass(ClassWithCorrectRole.class);
  79 + deployment.addClass(MethodsWithRole.class);
  80 + deployment.addClass(CustomAuthenticator.class);
  81 + deployment.addClass(CustomAuthorizerOneRole.class);
  82 + return deployment;
  83 + }
  84 +
  85 + @Before
  86 + public void activeContext() {
  87 + SessionContext sessionContext = Beans.getReference(SessionContext.class);
  88 + sessionContext.activate();
  89 + securityContext.login();
  90 + }
  91 +
  92 + @Test(expected = AuthorizationException.class)
  93 + public void wrongRoleOnClass() {
  94 + classWithWrongRole.getAttr();
  95 + }
  96 +
  97 + @Test
  98 + public void correctRoleOnClass() {
  99 + classWithCorrectRole.setAttr("new value");
  100 + assertEquals("new value", classWithCorrectRole.getAttr());
  101 + }
  102 +
  103 + @Test(expected = AuthorizationException.class)
  104 + public void wrongRoleOnMethod() {
  105 + methodsWithRole.setAttrWithWrongRole("new value");
  106 + fail();
  107 + }
  108 +
  109 + @Test
  110 + public void correctRoleOnMethod() {
  111 + methodsWithRole.setAttrWithCorrectRole("new value");
  112 + assertEquals("new value", methodsWithRole.getAttr());
  113 + }
  114 +
  115 + @After
  116 + public void deactiveContext() {
  117 + securityContext.logout();
  118 + SessionContext ctx = Beans.getReference(SessionContext.class);
  119 + ctx.deactivate();
  120 + }
  121 +}
impl/core/src/test/java/security/interceptor/requiredrole/RequiredRoleInterceptorWithoutLoggedInTest.java 0 → 100644
  Diff comments   View file @c247061
@@ -0,0 +1,74 @@ @@ -0,0 +1,74 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.interceptor.requiredrole;
  38 +
  39 +import static org.junit.Assert.fail;
  40 +
  41 +import javax.inject.Inject;
  42 +
  43 +import org.jboss.arquillian.container.test.api.Deployment;
  44 +import org.jboss.arquillian.junit.Arquillian;
  45 +import org.jboss.shrinkwrap.api.spec.JavaArchive;
  46 +import org.junit.Test;
  47 +import org.junit.runner.RunWith;
  48 +
  49 +import security.athentication.custom.CustomAuthenticator;
  50 +import test.Tests;
  51 +import br.gov.frameworkdemoiselle.security.NotLoggedInException;
  52 +
  53 +@RunWith(Arquillian.class)
  54 +public class RequiredRoleInterceptorWithoutLoggedInTest {
  55 +
  56 + @Inject
  57 + private ClassWithCorrectRole classWithCorrectRole;
  58 +
  59 + @Deployment
  60 + public static JavaArchive createDeployment() {
  61 + JavaArchive deployment = Tests.createDeployment();
  62 + deployment.addClass(ClassWithCorrectRole.class);
  63 + deployment.addClass(CustomAuthenticator.class);
  64 + deployment.addClass(CustomAuthorizerOneRole.class);
  65 + return deployment;
  66 + }
  67 +
  68 + @Test(expected = NotLoggedInException.class)
  69 + public void correctRoleOnClass() {
  70 + classWithCorrectRole.setAttr("new value");
  71 + fail();
  72 + }
  73 +
  74 +}