Download as
Browse Code »

Commit eedb5dbb85407c78f9c2dab61181b9e5e037f0cd

Authored by Dancovich
2 parents fd4ec7ad 892df7e6
Exists in master

Merge remote-tracking branch 'origin/2.4.0' into 2.4.0

Showing 32 changed files with 806 additions and 226 deletions   Show diff stats
impl/core/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/DefaultAuthenticator.java
  Diff comments   View file @eedb5db
@@ -72,7 +72,7 @@ public class DefaultAuthenticator implements Authenticator { @@ -72,7 +72,7 @@ public class DefaultAuthenticator implements Authenticator {
72 * @see br.gov.frameworkdemoiselle.security.Authenticator#unAuthenticate() 72 * @see br.gov.frameworkdemoiselle.security.Authenticator#unAuthenticate()
73 */ 73 */
74 @Override 74 @Override
75 - public void unAuthenticate() { 75 + public void unauthenticate() {
76 throw getException(); 76 throw getException();
77 } 77 }
78 78
impl/core/src/main/java/br/gov/frameworkdemoiselle/internal/implementation/SecurityContextImpl.java
  Diff comments   View file @eedb5db
@@ -38,11 +38,13 @@ package br.gov.frameworkdemoiselle.internal.implementation; @@ -38,11 +38,13 @@ package br.gov.frameworkdemoiselle.internal.implementation;
38 38
39 import javax.inject.Named; 39 import javax.inject.Named;
40 40
  41 +import br.gov.frameworkdemoiselle.DemoiselleException;
41 import br.gov.frameworkdemoiselle.internal.configuration.SecurityConfig; 42 import br.gov.frameworkdemoiselle.internal.configuration.SecurityConfig;
42 import br.gov.frameworkdemoiselle.security.AfterLoginSuccessful; 43 import br.gov.frameworkdemoiselle.security.AfterLoginSuccessful;
43 import br.gov.frameworkdemoiselle.security.AfterLogoutSuccessful; 44 import br.gov.frameworkdemoiselle.security.AfterLogoutSuccessful;
44 import br.gov.frameworkdemoiselle.security.AuthenticationException; 45 import br.gov.frameworkdemoiselle.security.AuthenticationException;
45 import br.gov.frameworkdemoiselle.security.Authenticator; 46 import br.gov.frameworkdemoiselle.security.Authenticator;
  47 +import br.gov.frameworkdemoiselle.security.AuthorizationException;
46 import br.gov.frameworkdemoiselle.security.Authorizer; 48 import br.gov.frameworkdemoiselle.security.Authorizer;
47 import br.gov.frameworkdemoiselle.security.NotLoggedInException; 49 import br.gov.frameworkdemoiselle.security.NotLoggedInException;
48 import br.gov.frameworkdemoiselle.security.SecurityContext; 50 import br.gov.frameworkdemoiselle.security.SecurityContext;
@@ -61,7 +63,7 @@ public class SecurityContextImpl implements SecurityContext { @@ -61,7 +63,7 @@ public class SecurityContextImpl implements SecurityContext {
61 63
62 private static final long serialVersionUID = 1L; 64 private static final long serialVersionUID = 1L;
63 65
64 - private transient ResourceBundle bundle; 66 + private transient ResourceBundle bundle;
65 67
66 private Authenticator authenticator; 68 private Authenticator authenticator;
67 69
@@ -99,26 +101,45 @@ public class SecurityContextImpl implements SecurityContext { @@ -99,26 +101,45 @@ public class SecurityContextImpl implements SecurityContext {
99 * @see br.gov.frameworkdemoiselle.security.SecurityContext#hasPermission(java.lang.String, java.lang.String) 101 * @see br.gov.frameworkdemoiselle.security.SecurityContext#hasPermission(java.lang.String, java.lang.String)
100 */ 102 */
101 @Override 103 @Override
102 - public boolean hasPermission(String resource, String operation) throws NotLoggedInException { 104 + public boolean hasPermission(String resource, String operation) {
  105 + boolean result = true;
  106 +
103 if (getConfig().isEnabled()) { 107 if (getConfig().isEnabled()) {
104 checkLoggedIn(); 108 checkLoggedIn();
105 - return getAuthorizer().hasPermission(resource, operation);  
106 109
107 - } else {  
108 - return true; 110 + try {
  111 + result = getAuthorizer().hasPermission(resource, operation);
  112 +
  113 + } catch (DemoiselleException cause) {
  114 + throw cause;
  115 +
  116 + } catch (Exception cause) {
  117 + throw new AuthorizationException(cause);
  118 + }
109 } 119 }
  120 +
  121 + return result;
110 } 122 }
111 123
112 /** 124 /**
113 * @see br.gov.frameworkdemoiselle.security.SecurityContext#hasRole(java.lang.String) 125 * @see br.gov.frameworkdemoiselle.security.SecurityContext#hasRole(java.lang.String)
114 */ 126 */
115 @Override 127 @Override
116 - public boolean hasRole(String role) throws NotLoggedInException { 128 + public boolean hasRole(String role) {
117 boolean result = true; 129 boolean result = true;
118 130
119 if (getConfig().isEnabled()) { 131 if (getConfig().isEnabled()) {
120 checkLoggedIn(); 132 checkLoggedIn();
121 - result = getAuthorizer().hasRole(role); 133 +
  134 + try {
  135 + result = getAuthorizer().hasRole(role);
  136 +
  137 + } catch (DemoiselleException cause) {
  138 + throw cause;
  139 +
  140 + } catch (Exception cause) {
  141 + throw new AuthorizationException(cause);
  142 + }
122 } 143 }
123 144
124 return result; 145 return result;
@@ -142,9 +163,18 @@ public class SecurityContextImpl implements SecurityContext { @@ -142,9 +163,18 @@ public class SecurityContextImpl implements SecurityContext {
142 * @see br.gov.frameworkdemoiselle.security.SecurityContext#login() 163 * @see br.gov.frameworkdemoiselle.security.SecurityContext#login()
143 */ 164 */
144 @Override 165 @Override
145 - public void login() throws AuthenticationException { 166 + public void login() {
146 if (getConfig().isEnabled()) { 167 if (getConfig().isEnabled()) {
147 - getAuthenticator().authenticate(); 168 +
  169 + try {
  170 + getAuthenticator().authenticate();
  171 +
  172 + } catch (DemoiselleException cause) {
  173 + throw cause;
  174 +
  175 + } catch (Exception cause) {
  176 + throw new AuthenticationException(cause);
  177 + }
148 178
149 Beans.getBeanManager().fireEvent(new AfterLoginSuccessful() { 179 Beans.getBeanManager().fireEvent(new AfterLoginSuccessful() {
150 180
@@ -161,7 +191,16 @@ public class SecurityContextImpl implements SecurityContext { @@ -161,7 +191,16 @@ public class SecurityContextImpl implements SecurityContext {
161 public void logout() throws NotLoggedInException { 191 public void logout() throws NotLoggedInException {
162 if (getConfig().isEnabled()) { 192 if (getConfig().isEnabled()) {
163 checkLoggedIn(); 193 checkLoggedIn();
164 - getAuthenticator().unAuthenticate(); 194 +
  195 + try {
  196 + getAuthenticator().unauthenticate();
  197 +
  198 + } catch (DemoiselleException cause) {
  199 + throw cause;
  200 +
  201 + } catch (Exception cause) {
  202 + throw new AuthenticationException(cause);
  203 + }
165 204
166 Beans.getBeanManager().fireEvent(new AfterLogoutSuccessful() { 205 Beans.getBeanManager().fireEvent(new AfterLogoutSuccessful() {
167 206
@@ -194,7 +233,7 @@ public class SecurityContextImpl implements SecurityContext { @@ -194,7 +233,7 @@ public class SecurityContextImpl implements SecurityContext {
194 } 233 }
195 } 234 }
196 235
197 - private ResourceBundle getBundle() { 236 + private ResourceBundle getBundle() {
198 if (bundle == null) { 237 if (bundle == null) {
199 bundle = Beans.getReference(ResourceBundle.class, new NameQualifier("demoiselle-core-bundle")); 238 bundle = Beans.getReference(ResourceBundle.class, new NameQualifier("demoiselle-core-bundle"));
200 } 239 }
@@ -202,7 +241,7 @@ public class SecurityContextImpl implements SecurityContext { @@ -202,7 +241,7 @@ public class SecurityContextImpl implements SecurityContext {
202 return bundle; 241 return bundle;
203 } 242 }
204 243
205 - private static class EmptyUser implements User{ 244 + private static class EmptyUser implements User {
206 245
207 private static final long serialVersionUID = 1L; 246 private static final long serialVersionUID = 1L;
208 247
impl/core/src/main/java/br/gov/frameworkdemoiselle/security/AuthorizationException.java
  Diff comments   View file @eedb5db
@@ -54,4 +54,14 @@ public class AuthorizationException extends SecurityException { @@ -54,4 +54,14 @@ public class AuthorizationException extends SecurityException {
54 public AuthorizationException(String message) { 54 public AuthorizationException(String message) {
55 super(message); 55 super(message);
56 } 56 }
  57 +
  58 + /**
  59 + * Constructor with the cause.
  60 + *
  61 + * @param cause
  62 + * exception cause
  63 + */
  64 + public AuthorizationException(Throwable cause) {
  65 + super(cause);
  66 + }
57 } 67 }
impl/core/src/test/java/configuration/field/beanvalidation/ConfigurationBeanValidationFieldTest.java
  Diff comments   View file @eedb5db
@@ -51,7 +51,6 @@ import org.junit.Test; @@ -51,7 +51,6 @@ import org.junit.Test;
51 import org.junit.runner.RunWith; 51 import org.junit.runner.RunWith;
52 52
53 import test.Tests; 53 import test.Tests;
54 -  
55 import br.gov.frameworkdemoiselle.configuration.ConfigurationException; 54 import br.gov.frameworkdemoiselle.configuration.ConfigurationException;
56 55
57 @RunWith(Arquillian.class) 56 @RunWith(Arquillian.class)
impl/core/src/test/java/management/testclasses/DummyManagementExtension.java
  Diff comments   View file @eedb5db
@@ -40,7 +40,6 @@ import java.util.List; @@ -40,7 +40,6 @@ import java.util.List;
40 40
41 import javax.inject.Inject; 41 import javax.inject.Inject;
42 42
43 -  
44 import br.gov.frameworkdemoiselle.internal.implementation.ManagedType; 43 import br.gov.frameworkdemoiselle.internal.implementation.ManagedType;
45 import br.gov.frameworkdemoiselle.management.ManagementExtension; 44 import br.gov.frameworkdemoiselle.management.ManagementExtension;
46 45
impl/core/src/test/java/security/athentication/ambiguity/DuplicatedCustomAuthenticator.java
  Diff comments   View file @eedb5db
@@ -36,7 +36,6 @@ @@ -36,7 +36,6 @@
36 */ 36 */
37 package security.athentication.ambiguity; 37 package security.athentication.ambiguity;
38 38
39 -import br.gov.frameworkdemoiselle.security.AuthenticationException;  
40 import br.gov.frameworkdemoiselle.security.Authenticator; 39 import br.gov.frameworkdemoiselle.security.Authenticator;
41 import br.gov.frameworkdemoiselle.security.User; 40 import br.gov.frameworkdemoiselle.security.User;
42 41
@@ -45,11 +44,11 @@ public class DuplicatedCustomAuthenticator implements Authenticator { @@ -45,11 +44,11 @@ public class DuplicatedCustomAuthenticator implements Authenticator {
45 private static final long serialVersionUID = 1L; 44 private static final long serialVersionUID = 1L;
46 45
47 @Override 46 @Override
48 - public void authenticate() throws AuthenticationException { 47 + public void authenticate() {
49 } 48 }
50 49
51 @Override 50 @Override
52 - public void unAuthenticate() { 51 + public void unauthenticate() {
53 } 52 }
54 53
55 @Override 54 @Override
impl/core/src/test/java/security/athentication/credentials/StrictAuthenticator.java
  Diff comments   View file @eedb5db
@@ -48,7 +48,7 @@ public class StrictAuthenticator implements Authenticator { @@ -48,7 +48,7 @@ public class StrictAuthenticator implements Authenticator {
48 private User currentUser; 48 private User currentUser;
49 49
50 @Override 50 @Override
51 - public void authenticate() throws AuthenticationException { 51 + public void authenticate() {
52 52
53 Credentials c = Beans.getReference(Credentials.class); 53 Credentials c = Beans.getReference(Credentials.class);
54 if ("demoiselle".equals(c.getLogin())) { 54 if ("demoiselle".equals(c.getLogin())) {
@@ -75,7 +75,7 @@ public class StrictAuthenticator implements Authenticator { @@ -75,7 +75,7 @@ public class StrictAuthenticator implements Authenticator {
75 } 75 }
76 76
77 @Override 77 @Override
78 - public void unAuthenticate() { 78 + public void unauthenticate() {
79 this.currentUser = null; 79 this.currentUser = null;
80 } 80 }
81 81
impl/core/src/test/java/security/athentication/custom/CustomAuthenticator.java
  Diff comments   View file @eedb5db
@@ -36,7 +36,6 @@ @@ -36,7 +36,6 @@
36 */ 36 */
37 package security.athentication.custom; 37 package security.athentication.custom;
38 38
39 -import br.gov.frameworkdemoiselle.security.AuthenticationException;  
40 import br.gov.frameworkdemoiselle.security.Authenticator; 39 import br.gov.frameworkdemoiselle.security.Authenticator;
41 import br.gov.frameworkdemoiselle.security.User; 40 import br.gov.frameworkdemoiselle.security.User;
42 41
@@ -47,7 +46,7 @@ public class CustomAuthenticator implements Authenticator { @@ -47,7 +46,7 @@ public class CustomAuthenticator implements Authenticator {
47 private User currentUser; 46 private User currentUser;
48 47
49 @Override 48 @Override
50 - public void authenticate() throws AuthenticationException { 49 + public void authenticate() {
51 this.currentUser = new User() { 50 this.currentUser = new User() {
52 51
53 private static final long serialVersionUID = 1L; 52 private static final long serialVersionUID = 1L;
@@ -68,7 +67,7 @@ public class CustomAuthenticator implements Authenticator { @@ -68,7 +67,7 @@ public class CustomAuthenticator implements Authenticator {
68 } 67 }
69 68
70 @Override 69 @Override
71 - public void unAuthenticate() { 70 + public void unauthenticate() {
72 this.currentUser = null; 71 this.currentUser = null;
73 } 72 }
74 73
impl/core/src/test/java/security/athentication/disabled/DisabledAuthenticationTest.java
  Diff comments   View file @eedb5db
@@ -93,12 +93,11 @@ public class DisabledAuthenticationTest { @@ -93,12 +93,11 @@ public class DisabledAuthenticationTest {
93 assertEquals("demoiselle", context.getUser().getId()); 93 assertEquals("demoiselle", context.getUser().getId());
94 } 94 }
95 95
96 - //  
97 - // @Test  
98 - // public void logoutProcess() {  
99 - // context.login();  
100 - // context.logout();  
101 - // assertFalse(context.isLoggedIn());  
102 - // assertNull(context.getCurrentUser());  
103 - // } 96 + @Test
  97 + public void logoutProcess() {
  98 + context.login();
  99 + context.logout();
  100 + assertTrue(context.isLoggedIn());
  101 + assertEquals("demoiselle", context.getUser().getId());
  102 + }
104 } 103 }
impl/core/src/test/java/security/athentication/error/ErrorAuthenticator.java
View file @fd4ec7a
@@ -1,61 +0,0 @@ @@ -1,61 +0,0 @@
1 -/*  
2 - * Demoiselle Framework  
3 - * Copyright (C) 2010 SERPRO  
4 - * ----------------------------------------------------------------------------  
5 - * This file is part of Demoiselle Framework.  
6 - *  
7 - * Demoiselle Framework is free software; you can redistribute it and/or  
8 - * modify it under the terms of the GNU Lesser General Public License version 3  
9 - * as published by the Free Software Foundation.  
10 - *  
11 - * This program is distributed in the hope that it will be useful,  
12 - * but WITHOUT ANY WARRANTY; without even the implied warranty of  
13 - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  
14 - * GNU General Public License for more details.  
15 - *  
16 - * You should have received a copy of the GNU Lesser General Public License version 3  
17 - * along with this program; if not, see <http://www.gnu.org/licenses/>  
18 - * or write to the Free Software Foundation, Inc., 51 Franklin Street,  
19 - * Fifth Floor, Boston, MA 02110-1301, USA.  
20 - * ----------------------------------------------------------------------------  
21 - * Este arquivo é parte do Framework Demoiselle.  
22 - *  
23 - * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou  
24 - * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação  
25 - * do Software Livre (FSF).  
26 - *  
27 - * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA  
28 - * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou  
29 - * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português  
30 - * para maiores detalhes.  
31 - *  
32 - * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título  
33 - * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>  
34 - * ou escreva para a Fundação do Software Livre (FSF) Inc.,  
35 - * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.  
36 - */  
37 -package security.athentication.error;  
38 -  
39 -import br.gov.frameworkdemoiselle.security.AuthenticationException;  
40 -import br.gov.frameworkdemoiselle.security.Authenticator;  
41 -import br.gov.frameworkdemoiselle.security.User;  
42 -  
43 -public class ErrorAuthenticator implements Authenticator {  
44 -  
45 - private static final long serialVersionUID = 1L;  
46 -  
47 - @Override  
48 - public void authenticate() throws AuthenticationException {  
49 - throw new RuntimeException();  
50 - }  
51 -  
52 - @Override  
53 - public void unAuthenticate() {  
54 - throw new RuntimeException();  
55 - }  
56 -  
57 - @Override  
58 - public User getUser() {  
59 - return null;  
60 - }  
61 -}  
impl/core/src/test/java/security/athentication/error/ErrorAuthenticatorTest.java
View file @fd4ec7a
@@ -1,95 +0,0 @@ @@ -1,95 +0,0 @@
1 -/*  
2 - * Demoiselle Framework  
3 - * Copyright (C) 2010 SERPRO  
4 - * ----------------------------------------------------------------------------  
5 - * This file is part of Demoiselle Framework.  
6 - *  
7 - * Demoiselle Framework is free software; you can redistribute it and/or  
8 - * modify it under the terms of the GNU Lesser General Public License version 3  
9 - * as published by the Free Software Foundation.  
10 - *  
11 - * This program is distributed in the hope that it will be useful,  
12 - * but WITHOUT ANY WARRANTY; without even the implied warranty of  
13 - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the  
14 - * GNU General Public License for more details.  
15 - *  
16 - * You should have received a copy of the GNU Lesser General Public License version 3  
17 - * along with this program; if not, see <http://www.gnu.org/licenses/>  
18 - * or write to the Free Software Foundation, Inc., 51 Franklin Street,  
19 - * Fifth Floor, Boston, MA 02110-1301, USA.  
20 - * ----------------------------------------------------------------------------  
21 - * Este arquivo é parte do Framework Demoiselle.  
22 - *  
23 - * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou  
24 - * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação  
25 - * do Software Livre (FSF).  
26 - *  
27 - * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA  
28 - * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou  
29 - * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português  
30 - * para maiores detalhes.  
31 - *  
32 - * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título  
33 - * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>  
34 - * ou escreva para a Fundação do Software Livre (FSF) Inc.,  
35 - * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.  
36 - */  
37 -package security.athentication.error;  
38 -  
39 -import javax.inject.Inject;  
40 -  
41 -import junit.framework.Assert;  
42 -  
43 -import org.jboss.arquillian.container.test.api.Deployment;  
44 -import org.jboss.arquillian.junit.Arquillian;  
45 -import org.jboss.shrinkwrap.api.spec.JavaArchive;  
46 -import org.junit.Test;  
47 -import org.junit.runner.RunWith;  
48 -  
49 -import test.Tests;  
50 -import br.gov.frameworkdemoiselle.security.AuthenticationException;  
51 -import br.gov.frameworkdemoiselle.security.SecurityContext;  
52 -import configuration.resource.ConfigurationResourceTest;  
53 -  
54 -@RunWith(Arquillian.class)  
55 -public class ErrorAuthenticatorTest {  
56 -  
57 - @Inject  
58 - private SecurityContext context;  
59 -  
60 - @Deployment  
61 - public static JavaArchive createDeployment() {  
62 - JavaArchive deployment = Tests.createDeployment(ConfigurationResourceTest.class);  
63 - deployment.addClass(ErrorAuthenticator.class);  
64 - return deployment;  
65 - }  
66 -  
67 - @Test  
68 - public void errorDuringLogin(){  
69 - try{  
70 - context.login();  
71 - Assert.fail("Login deveria disparar exceção de runtime");  
72 - }  
73 - catch(AuthenticationException ae){  
74 - Assert.fail("A exceção disparada não foi a esperada");  
75 - }  
76 - catch(RuntimeException e){  
77 - //PASS  
78 - }  
79 - }  
80 -  
81 - @Test  
82 - public void errorDuringLogout(){  
83 - try{  
84 - context.login();  
85 - Assert.fail("Logout deveria disparar exceção de runtime");  
86 - }  
87 - catch(AuthenticationException ae){  
88 - Assert.fail("A exceção disparada não foi a esperada");  
89 - }  
90 - catch(RuntimeException e){  
91 - //PASS  
92 - }  
93 - }  
94 -  
95 -}  
impl/core/src/test/java/security/athentication/error/LoginErrorAuthenticator.java 0 → 100644
  Diff comments   View file @eedb5db
@@ -0,0 +1,60 @@ @@ -0,0 +1,60 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.athentication.error;
  38 +
  39 +import br.gov.frameworkdemoiselle.security.Authenticator;
  40 +import br.gov.frameworkdemoiselle.security.User;
  41 +
  42 +public class LoginErrorAuthenticator implements Authenticator {
  43 +
  44 + private static final long serialVersionUID = 1L;
  45 +
  46 + @Override
  47 + public void authenticate() {
  48 + throw new RuntimeException();
  49 + }
  50 +
  51 + @Override
  52 + public void unauthenticate() {
  53 + throw new RuntimeException();
  54 + }
  55 +
  56 + @Override
  57 + public User getUser() {
  58 + return null;
  59 + }
  60 +}
impl/core/src/test/java/security/athentication/error/LoginErrorAuthenticatorTest.java 0 → 100644
  Diff comments   View file @eedb5db
@@ -0,0 +1,94 @@ @@ -0,0 +1,94 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.athentication.error;
  38 +
  39 +import static junit.framework.Assert.assertEquals;
  40 +import static junit.framework.Assert.fail;
  41 +
  42 +import javax.inject.Inject;
  43 +
  44 +import org.jboss.arquillian.container.test.api.Deployment;
  45 +import org.jboss.arquillian.junit.Arquillian;
  46 +import org.jboss.shrinkwrap.api.spec.JavaArchive;
  47 +import org.junit.Test;
  48 +import org.junit.runner.RunWith;
  49 +
  50 +import test.Tests;
  51 +import br.gov.frameworkdemoiselle.security.AuthenticationException;
  52 +import br.gov.frameworkdemoiselle.security.NotLoggedInException;
  53 +import br.gov.frameworkdemoiselle.security.SecurityContext;
  54 +import br.gov.frameworkdemoiselle.util.Beans;
  55 +import br.gov.frameworkdemoiselle.util.NameQualifier;
  56 +import br.gov.frameworkdemoiselle.util.ResourceBundle;
  57 +import configuration.resource.ConfigurationResourceTest;
  58 +
  59 +@RunWith(Arquillian.class)
  60 +public class LoginErrorAuthenticatorTest {
  61 +
  62 + @Inject
  63 + private SecurityContext context;
  64 +
  65 + @Deployment
  66 + public static JavaArchive createDeployment() {
  67 + JavaArchive deployment = Tests.createDeployment(ConfigurationResourceTest.class);
  68 + deployment.addClass(LoginErrorAuthenticator.class);
  69 + return deployment;
  70 + }
  71 +
  72 + @Test
  73 + public void errorDuringLogin() {
  74 + try {
  75 + context.login();
  76 + fail("Login deveria disparar exceção de runtime");
  77 +
  78 + } catch (AuthenticationException cause) {
  79 + assertEquals(RuntimeException.class, cause.getCause().getClass());
  80 + }
  81 + }
  82 +
  83 + @Test
  84 + public void errorDurindCheckLoggedIn() {
  85 + try {
  86 + context.checkLoggedIn();
  87 + fail("checkLoggedIn deveria disparar exceção de NotLoggedIn");
  88 + } catch (NotLoggedInException cause) {
  89 + assertEquals(Beans.getReference(ResourceBundle.class, new NameQualifier("demoiselle-core-bundle"))
  90 + .getString("user-not-authenticated"), cause.getMessage());
  91 + }
  92 + }
  93 +
  94 +}
impl/core/src/test/java/security/athentication/error/LogoutErrorAuthenticator.java 0 → 100644
  Diff comments   View file @eedb5db
@@ -0,0 +1,78 @@ @@ -0,0 +1,78 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.athentication.error;
  38 +
  39 +import br.gov.frameworkdemoiselle.security.Authenticator;
  40 +import br.gov.frameworkdemoiselle.security.User;
  41 +
  42 +public class LogoutErrorAuthenticator implements Authenticator {
  43 +
  44 + private static final long serialVersionUID = 1L;
  45 +
  46 + private User currentUser;
  47 +
  48 + @Override
  49 + public void authenticate() {
  50 + this.currentUser = new User() {
  51 +
  52 + private static final long serialVersionUID = 1L;
  53 +
  54 + public String getId() {
  55 + return "demoiselle";
  56 + }
  57 +
  58 + @Override
  59 + public Object getAttribute(Object key) {
  60 + return null;
  61 + }
  62 +
  63 + @Override
  64 + public void setAttribute(Object key, Object value) {
  65 + }
  66 + };
  67 + }
  68 +
  69 + @Override
  70 + public void unauthenticate() {
  71 + throw new RuntimeException();
  72 + }
  73 +
  74 + @Override
  75 + public User getUser() {
  76 + return currentUser;
  77 + }
  78 +}
impl/core/src/test/java/security/athentication/error/LogoutErrorAuthenticatorTest.java 0 → 100644
  Diff comments   View file @eedb5db
@@ -0,0 +1,82 @@ @@ -0,0 +1,82 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.athentication.error;
  38 +
  39 +import static junit.framework.Assert.assertEquals;
  40 +import static junit.framework.Assert.assertTrue;
  41 +import static junit.framework.Assert.fail;
  42 +
  43 +import javax.inject.Inject;
  44 +
  45 +import org.jboss.arquillian.container.test.api.Deployment;
  46 +import org.jboss.arquillian.junit.Arquillian;
  47 +import org.jboss.shrinkwrap.api.spec.JavaArchive;
  48 +import org.junit.Test;
  49 +import org.junit.runner.RunWith;
  50 +
  51 +import test.Tests;
  52 +import br.gov.frameworkdemoiselle.security.AuthenticationException;
  53 +import br.gov.frameworkdemoiselle.security.SecurityContext;
  54 +import configuration.resource.ConfigurationResourceTest;
  55 +
  56 +@RunWith(Arquillian.class)
  57 +public class LogoutErrorAuthenticatorTest {
  58 +
  59 + @Inject
  60 + private SecurityContext context;
  61 +
  62 + @Deployment
  63 + public static JavaArchive createDeployment() {
  64 + JavaArchive deployment = Tests.createDeployment(ConfigurationResourceTest.class);
  65 + deployment.addClass(LogoutErrorAuthenticator.class);
  66 + return deployment;
  67 + }
  68 +
  69 + @Test
  70 + public void errorDuringLogout() {
  71 + try {
  72 + context.login();
  73 + assertTrue(context.isLoggedIn());
  74 + context.logout();
  75 + fail("Logout deveria disparar exceção de runtime");
  76 +
  77 + } catch (AuthenticationException cause) {
  78 + assertEquals(RuntimeException.class, cause.getCause().getClass());
  79 + }
  80 + }
  81 +
  82 +}
impl/core/src/test/java/security/authorization/custom/CustomAuthorizer.java
  Diff comments   View file @eedb5db
@@ -49,7 +49,7 @@ public class CustomAuthorizer implements Authorizer { @@ -49,7 +49,7 @@ public class CustomAuthorizer implements Authorizer {
49 49
50 @Override 50 @Override
51 public boolean hasPermission(String resource, String operation) { 51 public boolean hasPermission(String resource, String operation) {
52 - return "resource".equals(resource); 52 + return "resource".equals(resource) && "operation".equals(operation);
53 } 53 }
54 54
55 55
impl/core/src/test/java/security/authorization/custom/CustomAuthorizerTest.java
  Diff comments   View file @eedb5db
@@ -82,6 +82,15 @@ public class CustomAuthorizerTest { @@ -82,6 +82,15 @@ public class CustomAuthorizerTest {
82 Assert.assertTrue(context.hasRole("role")); 82 Assert.assertTrue(context.hasRole("role"));
83 } 83 }
84 84
  85 + /**
  86 + * Verify if when already exist an authorizer, the things keeps working fine.
  87 + */
  88 + @Test
  89 + public void hasPermitionAndHasRole(){
  90 + Assert.assertTrue(context.hasPermission("resource", "operation"));
  91 + Assert.assertTrue(context.hasRole("role"));
  92 + }
  93 +
85 @Test 94 @Test
86 public void denyPermission(){ 95 public void denyPermission(){
87 Assert.assertFalse(context.hasPermission("falseresource", "falseoperation")); 96 Assert.assertFalse(context.hasPermission("falseresource", "falseoperation"));
impl/core/src/test/java/security/authorization/disable/DisabledAuthorizationTest.java 0 → 100644
  Diff comments   View file @eedb5db
@@ -0,0 +1,98 @@ @@ -0,0 +1,98 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.authorization.disable;
  38 +
  39 +import static org.junit.Assert.assertEquals;
  40 +import static org.junit.Assert.assertNull;
  41 +import static org.junit.Assert.assertTrue;
  42 +
  43 +import javax.enterprise.context.RequestScoped;
  44 +import javax.enterprise.event.Observes;
  45 +import javax.inject.Inject;
  46 +
  47 +import junit.framework.Assert;
  48 +
  49 +import org.jboss.arquillian.container.test.api.Deployment;
  50 +import org.jboss.arquillian.junit.Arquillian;
  51 +import org.jboss.shrinkwrap.api.spec.JavaArchive;
  52 +import org.junit.Test;
  53 +import org.junit.runner.RunWith;
  54 +
  55 +import security.athentication.custom.CustomAuthenticator;
  56 +import security.authorization.custom.CustomAuthorizer;
  57 +import test.Tests;
  58 +import br.gov.frameworkdemoiselle.security.AfterLoginSuccessful;
  59 +import br.gov.frameworkdemoiselle.security.SecurityContext;
  60 +import configuration.resource.ConfigurationResourceTest;
  61 +
  62 +@RequestScoped
  63 +@RunWith(Arquillian.class)
  64 +public class DisabledAuthorizationTest {
  65 +
  66 + private static final String PATH = "src/test/resources/security/authorization/disabled";
  67 +
  68 + @Inject
  69 + private SecurityContext context;
  70 +
  71 + private AfterLoginSuccessful event;
  72 +
  73 + @Deployment
  74 + public static JavaArchive createDeployment() {
  75 + JavaArchive deployment = Tests.createDeployment(ConfigurationResourceTest.class);
  76 + deployment.addClass(CustomAuthorizer.class);
  77 + deployment.addAsResource(Tests.createFileAsset(PATH + "/demoiselle.properties"), "demoiselle.properties");
  78 + return deployment;
  79 + }
  80 +
  81 + public void observer(@Observes AfterLoginSuccessful event) {
  82 + this.event = event;
  83 + }
  84 +
  85 + @Test
  86 + public void hasPermissionProcess() {
  87 + Assert.assertTrue(context.hasPermission("resource", "operation"));
  88 + Assert.assertTrue(context.hasPermission("falseresource", "falseoperation"));
  89 + assertNull(event);
  90 + }
  91 +
  92 + @Test
  93 + public void hasRoleProcess(){
  94 + Assert.assertTrue(context.hasRole("role"));
  95 + Assert.assertTrue(context.hasRole("falserole"));
  96 + assertNull(event);
  97 + }
  98 +}
impl/core/src/test/java/security/authorization/error/ErrorAuthorizer.java
  Diff comments   View file @eedb5db
@@ -52,6 +52,4 @@ public class ErrorAuthorizer implements Authorizer { @@ -52,6 +52,4 @@ public class ErrorAuthorizer implements Authorizer {
52 throw new RuntimeException("Erro desconhecido ao obter permissões"); 52 throw new RuntimeException("Erro desconhecido ao obter permissões");
53 } 53 }
54 54
55 -  
56 -  
57 } 55 }
impl/core/src/test/java/security/authorization/error/ErrorAuthorizerTest.java
  Diff comments   View file @eedb5db
@@ -36,9 +36,10 @@ @@ -36,9 +36,10 @@
36 */ 36 */
37 package security.authorization.error; 37 package security.authorization.error;
38 38
39 -import javax.inject.Inject; 39 +import static junit.framework.Assert.assertEquals;
  40 +import static junit.framework.Assert.fail;
40 41
41 -import junit.framework.Assert; 42 +import javax.inject.Inject;
42 43
43 import org.jboss.arquillian.container.test.api.Deployment; 44 import org.jboss.arquillian.container.test.api.Deployment;
44 import org.jboss.arquillian.junit.Arquillian; 45 import org.jboss.arquillian.junit.Arquillian;
@@ -51,7 +52,6 @@ import org.junit.runner.RunWith; @@ -51,7 +52,6 @@ import org.junit.runner.RunWith;
51 import security.athentication.custom.CustomAuthenticator; 52 import security.athentication.custom.CustomAuthenticator;
52 import test.Tests; 53 import test.Tests;
53 import br.gov.frameworkdemoiselle.security.AuthorizationException; 54 import br.gov.frameworkdemoiselle.security.AuthorizationException;
54 -import br.gov.frameworkdemoiselle.security.NotLoggedInException;  
55 import br.gov.frameworkdemoiselle.security.SecurityContext; 55 import br.gov.frameworkdemoiselle.security.SecurityContext;
56 import configuration.resource.ConfigurationResourceTest; 56 import configuration.resource.ConfigurationResourceTest;
57 57
@@ -68,43 +68,37 @@ public class ErrorAuthorizerTest { @@ -68,43 +68,37 @@ public class ErrorAuthorizerTest {
68 deployment.addClass(ErrorAuthorizer.class); 68 deployment.addClass(ErrorAuthorizer.class);
69 return deployment; 69 return deployment;
70 } 70 }
71 - 71 +
72 @Before 72 @Before
73 - public void loginToTest(){ 73 + public void loginToTest() {
74 context.login(); 74 context.login();
75 } 75 }
76 76
77 @Test 77 @Test
78 - public void errorDuringCheckPermission(){  
79 - try{ 78 + public void errorDuringCheckPermission() {
  79 + try {
80 context.hasPermission("resource", "operation"); 80 context.hasPermission("resource", "operation");
81 - Assert.fail("Verificar permissão deveria disparar exceção de runtime");  
82 - }  
83 - catch(NotLoggedInException ae){  
84 - Assert.fail("A exceção disparada não foi a esperada");  
85 - }  
86 - catch(RuntimeException e){  
87 - //PASS 81 + fail("Verificar permissão deveria disparar exceção de runtime");
  82 +
  83 + } catch (AuthorizationException cause) {
  84 + assertEquals(RuntimeException.class, cause.getCause().getClass());
88 } 85 }
89 } 86 }
90 - 87 +
91 @Test 88 @Test
92 - public void errorDuringCheckRole(){  
93 - try{ 89 + public void errorDuringCheckRole() {
  90 + try {
94 context.hasRole("role"); 91 context.hasRole("role");
95 - Assert.fail("Verificar papel deveria disparar exceção de runtime");  
96 - }  
97 - catch(AuthorizationException ae){  
98 - Assert.fail("A exceção disparada não foi a esperada");  
99 - }  
100 - catch(RuntimeException e){  
101 - //PASS 92 + fail("Verificar papel deveria disparar exceção de runtime");
  93 +
  94 + } catch (AuthorizationException cause) {
  95 + assertEquals(RuntimeException.class, cause.getCause().getClass());
102 } 96 }
103 } 97 }
104 - 98 +
105 @After 99 @After
106 - public void logoutAfterTest(){ 100 + public void logoutAfterTest() {
107 context.logout(); 101 context.logout();
108 } 102 }
109 - 103 +
110 } 104 }
impl/core/src/test/java/security/authorization/selection/SelectedAuthorizerTest.java
  Diff comments   View file @eedb5db
@@ -79,7 +79,6 @@ public class SelectedAuthorizerTest { @@ -79,7 +79,6 @@ public class SelectedAuthorizerTest {
79 79
80 @Test 80 @Test
81 public void selectedAuthorizerStrategy() { 81 public void selectedAuthorizerStrategy() {
82 - context.login();  
83 Assert.assertTrue(context.hasRole("role")); 82 Assert.assertTrue(context.hasRole("role"));
84 } 83 }
85 84
impl/core/src/test/java/security/interceptor/loggedin/CustomAuthenticator.java 0 → 100644
  Diff comments   View file @eedb5db
@@ -0,0 +1,81 @@ @@ -0,0 +1,81 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.interceptor.loggedin;
  38 +
  39 +import javax.enterprise.context.SessionScoped;
  40 +
  41 +import br.gov.frameworkdemoiselle.security.Authenticator;
  42 +import br.gov.frameworkdemoiselle.security.User;
  43 +
  44 +@SessionScoped
  45 +public class CustomAuthenticator implements Authenticator {
  46 +
  47 + private static final long serialVersionUID = 1L;
  48 +
  49 + private User currentUser;
  50 +
  51 + @Override
  52 + public void authenticate() {
  53 + this.currentUser = new User() {
  54 +
  55 + private static final long serialVersionUID = 1L;
  56 +
  57 + public String getId() {
  58 + return "demoiselle";
  59 + }
  60 +
  61 + @Override
  62 + public Object getAttribute(Object key) {
  63 + return null;
  64 + }
  65 +
  66 + @Override
  67 + public void setAttribute(Object key, Object value) {
  68 + }
  69 + };
  70 + }
  71 +
  72 + @Override
  73 + public void unauthenticate() {
  74 + this.currentUser = null;
  75 + }
  76 +
  77 + @Override
  78 + public User getUser() {
  79 + return this.currentUser;
  80 + }
  81 +}
impl/core/src/test/java/security/interceptor/loggedin/DummyProtectedClass.java 0 → 100644
  Diff comments   View file @eedb5db
@@ -0,0 +1,54 @@ @@ -0,0 +1,54 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.interceptor.loggedin;
  38 +
  39 +import br.gov.frameworkdemoiselle.security.LoggedIn;
  40 +
  41 +@LoggedIn
  42 +public class DummyProtectedClass {
  43 +
  44 + private String dummyAttrib;
  45 +
  46 + public String getDummyAttrib() {
  47 + return dummyAttrib;
  48 + }
  49 +
  50 + public void setDummyAttrib(String dummyAttrib) {
  51 + this.dummyAttrib = dummyAttrib;
  52 + }
  53 +
  54 +}
impl/core/src/test/java/security/interceptor/loggedin/LoggedInInterceptorTest.java 0 → 100644
  Diff comments   View file @eedb5db
@@ -0,0 +1,109 @@ @@ -0,0 +1,109 @@
  1 +/*
  2 + * Demoiselle Framework
  3 + * Copyright (C) 2010 SERPRO
  4 + * ----------------------------------------------------------------------------
  5 + * This file is part of Demoiselle Framework.
  6 + *
  7 + * Demoiselle Framework is free software; you can redistribute it and/or
  8 + * modify it under the terms of the GNU Lesser General Public License version 3
  9 + * as published by the Free Software Foundation.
  10 + *
  11 + * This program is distributed in the hope that it will be useful,
  12 + * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14 + * GNU General Public License for more details.
  15 + *
  16 + * You should have received a copy of the GNU Lesser General Public License version 3
  17 + * along with this program; if not, see <http://www.gnu.org/licenses/>
  18 + * or write to the Free Software Foundation, Inc., 51 Franklin Street,
  19 + * Fifth Floor, Boston, MA 02110-1301, USA.
  20 + * ----------------------------------------------------------------------------
  21 + * Este arquivo é parte do Framework Demoiselle.
  22 + *
  23 + * O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  24 + * modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  25 + * do Software Livre (FSF).
  26 + *
  27 + * Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  28 + * GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  29 + * APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  30 + * para maiores detalhes.
  31 + *
  32 + * Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  33 + * "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  34 + * ou escreva para a Fundação do Software Livre (FSF) Inc.,
  35 + * 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  36 + */
  37 +package security.interceptor.loggedin;
  38 +
  39 +import static junit.framework.Assert.assertEquals;
  40 +import static org.junit.Assert.assertEquals;
  41 +import static org.junit.Assert.assertNotNull;
  42 +import static org.junit.Assert.assertTrue;
  43 +
  44 +import javax.inject.Inject;
  45 +
  46 +import org.jboss.arquillian.container.test.api.Deployment;
  47 +import org.jboss.arquillian.junit.Arquillian;
  48 +import org.jboss.shrinkwrap.api.spec.JavaArchive;
  49 +import org.junit.After;
  50 +import org.junit.Before;
  51 +import org.junit.Test;
  52 +import org.junit.runner.RunWith;
  53 +
  54 +import br.gov.frameworkdemoiselle.context.RequestContext;
  55 +import br.gov.frameworkdemoiselle.context.SessionContext;
  56 +import br.gov.frameworkdemoiselle.security.AuthenticationException;
  57 +import br.gov.frameworkdemoiselle.security.NotLoggedInException;
  58 +import br.gov.frameworkdemoiselle.security.SecurityContext;
  59 +import br.gov.frameworkdemoiselle.util.Beans;
  60 +import br.gov.frameworkdemoiselle.util.NameQualifier;
  61 +import br.gov.frameworkdemoiselle.util.ResourceBundle;
  62 +
  63 +import test.Tests;
  64 +
  65 +@RunWith(Arquillian.class)
  66 +public class LoggedInInterceptorTest {
  67 +
  68 + @Inject
  69 + private DummyProtectedClass protectedClass;
  70 +
  71 + @Inject
  72 + private SecurityContext context;
  73 +
  74 + @Deployment
  75 + public static JavaArchive createDeployment() {
  76 + JavaArchive deployment = Tests.createDeployment();
  77 + deployment.addClass(DummyProtectedClass.class);
  78 + deployment.addClass(CustomAuthenticator.class);
  79 + return deployment;
  80 + }
  81 +
  82 + @Before
  83 + public void activeContext(){
  84 + SessionContext ctx = Beans.getReference(SessionContext.class);
  85 + ctx.activate();
  86 + }
  87 +
  88 + @Test
  89 + public void callProtectedClassAttribNotLogged() {
  90 + try {
  91 + protectedClass.getDummyAttrib();
  92 + } catch (NotLoggedInException cause) {
  93 + assertEquals(Beans.getReference(ResourceBundle.class, new NameQualifier("demoiselle-core-bundle"))
  94 + .getString("user-not-authenticated"), cause.getMessage());
  95 + }
  96 + }
  97 +
  98 + @Test
  99 + public void callProtectedClassAttribLogged() {
  100 + context.login();
  101 + protectedClass.getDummyAttrib();
  102 + }
  103 +
  104 + @After
  105 + public void deactiveContext(){
  106 + SessionContext ctx = Beans.getReference(SessionContext.class);
  107 + ctx.deactivate();
  108 + }
  109 +}
impl/core/src/test/java/transaction/createdstrategy/TransactionWithCreatedStrategyTest.java
  Diff comments   View file @eedb5db
@@ -47,11 +47,10 @@ import org.junit.Before; @@ -47,11 +47,10 @@ import org.junit.Before;
47 import org.junit.Test; 47 import org.junit.Test;
48 import org.junit.runner.RunWith; 48 import org.junit.runner.RunWith;
49 49
  50 +import test.Tests;
50 import br.gov.frameworkdemoiselle.transaction.Transaction; 51 import br.gov.frameworkdemoiselle.transaction.Transaction;
51 import br.gov.frameworkdemoiselle.transaction.TransactionContext; 52 import br.gov.frameworkdemoiselle.transaction.TransactionContext;
52 53
53 -import test.Tests;  
54 -  
55 @RunWith(Arquillian.class) 54 @RunWith(Arquillian.class)
56 public class TransactionWithCreatedStrategyTest { 55 public class TransactionWithCreatedStrategyTest {
57 56
impl/core/src/test/java/transaction/defaultstrategy/TransactionDefaultTest.java
  Diff comments   View file @eedb5db
@@ -45,12 +45,11 @@ import org.junit.Before; @@ -45,12 +45,11 @@ import org.junit.Before;
45 import org.junit.Test; 45 import org.junit.Test;
46 import org.junit.runner.RunWith; 46 import org.junit.runner.RunWith;
47 47
  48 +import test.Tests;
48 import br.gov.frameworkdemoiselle.DemoiselleException; 49 import br.gov.frameworkdemoiselle.DemoiselleException;
49 import br.gov.frameworkdemoiselle.transaction.Transaction; 50 import br.gov.frameworkdemoiselle.transaction.Transaction;
50 import br.gov.frameworkdemoiselle.transaction.TransactionContext; 51 import br.gov.frameworkdemoiselle.transaction.TransactionContext;
51 52
52 -import test.Tests;  
53 -  
54 @RunWith(Arquillian.class) 53 @RunWith(Arquillian.class)
55 public class TransactionDefaultTest { 54 public class TransactionDefaultTest {
56 55
impl/core/src/test/java/util/beans/BeansTest.java
  Diff comments   View file @eedb5db
@@ -48,7 +48,6 @@ import org.junit.Test; @@ -48,7 +48,6 @@ import org.junit.Test;
48 import org.junit.runner.RunWith; 48 import org.junit.runner.RunWith;
49 49
50 import test.Tests; 50 import test.Tests;
51 -  
52 import br.gov.frameworkdemoiselle.DemoiselleException; 51 import br.gov.frameworkdemoiselle.DemoiselleException;
53 import br.gov.frameworkdemoiselle.util.Beans; 52 import br.gov.frameworkdemoiselle.util.Beans;
54 53
impl/core/src/test/java/util/beans/QualifierOne.java
  Diff comments   View file @eedb5db
@@ -38,8 +38,8 @@ package util.beans; @@ -38,8 +38,8 @@ package util.beans;
38 38
39 import static java.lang.annotation.ElementType.FIELD; 39 import static java.lang.annotation.ElementType.FIELD;
40 import static java.lang.annotation.ElementType.METHOD; 40 import static java.lang.annotation.ElementType.METHOD;
41 -import static java.lang.annotation.ElementType.TYPE;  
42 import static java.lang.annotation.ElementType.PARAMETER; 41 import static java.lang.annotation.ElementType.PARAMETER;
  42 +import static java.lang.annotation.ElementType.TYPE;
43 import static java.lang.annotation.RetentionPolicy.RUNTIME; 43 import static java.lang.annotation.RetentionPolicy.RUNTIME;
44 44
45 import java.lang.annotation.Retention; 45 import java.lang.annotation.Retention;
impl/core/src/test/java/util/beans/QualifierTwo.java
  Diff comments   View file @eedb5db
@@ -38,8 +38,8 @@ package util.beans; @@ -38,8 +38,8 @@ package util.beans;
38 38
39 import static java.lang.annotation.ElementType.FIELD; 39 import static java.lang.annotation.ElementType.FIELD;
40 import static java.lang.annotation.ElementType.METHOD; 40 import static java.lang.annotation.ElementType.METHOD;
41 -import static java.lang.annotation.ElementType.TYPE;  
42 import static java.lang.annotation.ElementType.PARAMETER; 41 import static java.lang.annotation.ElementType.PARAMETER;
  42 +import static java.lang.annotation.ElementType.TYPE;
43 import static java.lang.annotation.RetentionPolicy.RUNTIME; 43 import static java.lang.annotation.RetentionPolicy.RUNTIME;
44 44
45 import java.lang.annotation.Retention; 45 import java.lang.annotation.Retention;
impl/core/src/test/resources/beans.xml
  Diff comments   View file @eedb5db
@@ -5,6 +5,7 @@ @@ -5,6 +5,7 @@
5 <class>br.gov.frameworkdemoiselle.transaction.TransactionalInterceptor</class> 5 <class>br.gov.frameworkdemoiselle.transaction.TransactionalInterceptor</class>
6 <class>br.gov.frameworkdemoiselle.security.RequiredPermissionInterceptor</class> 6 <class>br.gov.frameworkdemoiselle.security.RequiredPermissionInterceptor</class>
7 <class>br.gov.frameworkdemoiselle.security.RequiredRoleInterceptor</class> 7 <class>br.gov.frameworkdemoiselle.security.RequiredRoleInterceptor</class>
  8 + <class>br.gov.frameworkdemoiselle.security.LoggedInInterceptor</class>
8 <class>br.gov.frameworkdemoiselle.exception.ExceptionHandlerInterceptor</class> 9 <class>br.gov.frameworkdemoiselle.exception.ExceptionHandlerInterceptor</class>
9 </interceptors> 10 </interceptors>
10 11
impl/core/src/test/resources/security/authorization/disabled/demoiselle.properties 0 → 100644
  Diff comments   View file @eedb5db
@@ -0,0 +1,38 @@ @@ -0,0 +1,38 @@
  1 +# Demoiselle Framework
  2 +# Copyright (C) 2010 SERPRO
  3 +# ----------------------------------------------------------------------------
  4 +# This file is part of Demoiselle Framework.
  5 +#
  6 +# Demoiselle Framework is free software; you can redistribute it and/or
  7 +# modify it under the terms of the GNU Lesser General Public License version 3
  8 +# as published by the Free Software Foundation.
  9 +#
  10 +# This program is distributed in the hope that it will be useful,
  11 +# but WITHOUT ANY WARRANTY; without even the implied warranty of
  12 +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13 +# GNU General Public License for more details.
  14 +#
  15 +# You should have received a copy of the GNU Lesser General Public License version 3
  16 +# along with this program; if not, see <http://www.gnu.org/licenses/>
  17 +# or write to the Free Software Foundation, Inc., 51 Franklin Street,
  18 +# Fifth Floor, Boston, MA 02110-1301, USA.
  19 +# ----------------------------------------------------------------------------
  20 +# Este arquivo é parte do Framework Demoiselle.
  21 +#
  22 +# O Framework Demoiselle é um software livre; você pode redistribuí-lo e/ou
  23 +# modificá-lo dentro dos termos da GNU LGPL versão 3 como publicada pela Fundação
  24 +# do Software Livre (FSF).
  25 +#
  26 +# Este programa é distribuído na esperança que possa ser útil, mas SEM NENHUMA
  27 +# GARANTIA; sem uma garantia implícita de ADEQUAÇÃO a qualquer MERCADO ou
  28 +# APLICAÇÃO EM PARTICULAR. Veja a Licença Pública Geral GNU/LGPL em português
  29 +# para maiores detalhes.
  30 +#
  31 +# Você deve ter recebido uma cópia da GNU LGPL versão 3, sob o título
  32 +# "LICENCA.txt", junto com esse programa. Se não, acesse <http://www.gnu.org/licenses/>
  33 +# ou escreva para a Fundação do Software Livre (FSF) Inc.,
  34 +# 51 Franklin St, Fifth Floor, Boston, MA 02111-1301, USA.
  35 +
  36 +frameworkdemoiselle.security.authorizer.class=security.authorization.custom.CustomAuthorizer
  37 +#frameworkdemoiselle.security.authenticator.class=security.athentication.custom.CustomAuthenticator
  38 +frameworkdemoiselle.security.enabled=false
0 \ No newline at end of file 39 \ No newline at end of file
impl/extension/servlet/src/main/java/br/gov/frameworkdemoiselle/security/ServletAuthenticator.java
  Diff comments   View file @eedb5db
@@ -74,7 +74,7 @@ public class ServletAuthenticator implements Authenticator { @@ -74,7 +74,7 @@ public class ServletAuthenticator implements Authenticator {
74 } 74 }
75 75
76 @Override 76 @Override
77 - public void unAuthenticate() { 77 + public void unauthenticate() {
78 getCredentials().clear(); 78 getCredentials().clear();
79 try { 79 try {
80 getRequest().logout(); 80 getRequest().logout();