1   /* Copyright 2004, 2005 Acegi Technology Pty Limited
2    *
3    * Licensed under the Apache License, Version 2.0 (the "License");
4    * you may not use this file except in compliance with the License.
5    * You may obtain a copy of the License at
6    *
7    *     http://www.apache.org/licenses/LICENSE-2.0
8    *
9    * Unless required by applicable law or agreed to in writing, software
10   * distributed under the License is distributed on an "AS IS" BASIS,
11   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12   * See the License for the specific language governing permissions and
13   * limitations under the License.
14   */
15  
16  package org.acegisecurity.taglibs.authz;
17  
18  import junit.framework.TestCase;
19  
20  import org.acegisecurity.GrantedAuthority;
21  import org.acegisecurity.GrantedAuthorityImpl;
22  import org.acegisecurity.context.SecurityContextHolder;
23  import org.acegisecurity.context.SecurityContextImpl;
24  import org.acegisecurity.providers.TestingAuthenticationToken;
25  
26  import javax.servlet.jsp.JspException;
27  import javax.servlet.jsp.tagext.Tag;
28  
29  
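/**
 * Unit tests for {@link AuthorizeTag}, the JSP tag that decides whether its
 * body is rendered based on the authorities of the current principal.
 *
 * <p>Every test runs against the fixture built in {@link #setUp()}: a
 * principal holding <code>ROLE_SUPERVISOR</code> and <code>ROLE_TELLER</code>.
 * The cases pin the three attributes of the tag (<code>ifAllGranted</code>,
 * <code>ifAnyGranted</code>, <code>ifNotGranted</code>) and, most importantly,
 * its deny-by-default behaviour: the body is skipped when there is no
 * <code>Authentication</code> in the context and when no attribute has been
 * configured at all. A regression in either of those two cases would expose
 * protected markup, so they should not be weakened or removed.</p>
 *
 * <p>NOTE(review): only one attribute is set per test; how the tag behaves
 * when several attributes are combined is not covered here.</p>
 *
 * @author Francois Beausoleil
 * @version $Id: AuthorizeTagTests.java,v 1.11 2005/11/17 00:55:51 benalex Exp $
 */
public class AuthorizeTagTests extends TestCase {
    //~ Instance fields ========================================================

    // JUnit 3 creates one TestCase instance per test method, so each test
    // starts with a tag whose attributes have not been set by another test.
    private final AuthorizeTag authorizeTag = new AuthorizeTag();

    // Principal installed by setUp(); granted ROLE_SUPERVISOR and ROLE_TELLER.
    private TestingAuthenticationToken currentUser;

    //~ Methods ================================================================

    /**
     * Fail-closed check: with no <code>Authentication</code> in the context the
     * body must be skipped even though a required role is configured.
     *
     * @throws JspException if the tag fails while evaluating
     */
    public void testAlwaysReturnsUnauthorizedIfNoUserFound()
        throws JspException {
        // Replace the principal installed by setUp() with "nobody".
        SecurityContextHolder.getContext().setAuthentication(null);

        authorizeTag.setIfAllGranted("ROLE_TELLER");
        assertEquals("prevents request - no principal in Context",
            Tag.SKIP_BODY, authorizeTag.doStartTag());
    }

    /**
     * Deny-by-default check: a tag with none of its three attributes set must
     * skip its body, even for an authenticated principal.
     *
     * @throws JspException if the tag fails while evaluating
     */
    public void testDefaultsToNotOutputtingBodyWhenNoRequiredAuthorities()
        throws JspException {
        // An unconfigured tag reports empty strings, not null.
        assertEquals("", authorizeTag.getIfAllGranted());
        assertEquals("", authorizeTag.getIfAnyGranted());
        assertEquals("", authorizeTag.getIfNotGranted());

        // The principal does hold authorities here; what is missing is any
        // requirement on the tag, and that must not default to "allow".
        assertEquals("prevents body output - no authorities granted",
            Tag.SKIP_BODY, authorizeTag.doStartTag());
    }

    /**
     * <code>ifAnyGranted</code> is satisfied when the principal holds the one
     * listed role.
     *
     * @throws JspException if the tag fails while evaluating
     */
    public void testOutputsBodyIfOneRolePresent() throws JspException {
        authorizeTag.setIfAnyGranted("ROLE_TELLER");
        assertEquals("authorized - ROLE_TELLER in both sets",
            Tag.EVAL_BODY_INCLUDE, authorizeTag.doStartTag());
    }

    /**
     * <code>ifAllGranted</code> is satisfied when the principal holds every
     * role in the comma-separated list.
     *
     * @throws JspException if the tag fails while evaluating
     */
    public void testOutputsBodyWhenAllGranted() throws JspException {
        authorizeTag.setIfAllGranted("ROLE_SUPERVISOR,ROLE_TELLER");
        assertEquals("allows request - all required roles granted on principal",
            Tag.EVAL_BODY_INCLUDE, authorizeTag.doStartTag());
    }

    /**
     * <code>ifNotGranted</code> is satisfied when the principal does not hold
     * the listed role.
     *
     * @throws JspException if the tag fails while evaluating
     */
    public void testOutputsBodyWhenNotGrantedSatisfied()
        throws JspException {
        authorizeTag.setIfNotGranted("ROLE_BANKER");
        assertEquals("allows request - principal doesn't have ROLE_BANKER",
            Tag.EVAL_BODY_INCLUDE, authorizeTag.doStartTag());
    }

    /**
     * Fail-closed check for <code>ifAnyGranted</code> when the context carries
     * no <code>Authentication</code>.
     *
     * @throws JspException if the tag fails while evaluating
     */
    public void testPreventsBodyOutputIfNoSecurityContext()
        throws JspException {
        // NOTE(review): despite the test name, the context object is still
        // present; only its Authentication is cleared.
        SecurityContextHolder.getContext().setAuthentication(null);
        authorizeTag.setIfAnyGranted("ROLE_BANKER");

        assertEquals("prevents output - no context defined", Tag.SKIP_BODY,
            authorizeTag.doStartTag());
    }

    /**
     * <code>ifAnyGranted</code> fails when the principal holds none of the
     * listed roles.
     *
     * @throws JspException if the tag fails while evaluating
     */
    public void testSkipsBodyIfNoAnyRolePresent() throws JspException {
        authorizeTag.setIfAnyGranted("ROLE_BANKER");
        assertEquals("unauthorized - ROLE_BANKER not in granted authorities",
            Tag.SKIP_BODY, authorizeTag.doStartTag());
    }

    /**
     * <code>ifAllGranted</code> fails when a single listed role is missing,
     * even though the principal holds the other two.
     *
     * @throws JspException if the tag fails while evaluating
     */
    public void testSkipsBodyWhenMissingAnAllGranted()
        throws JspException {
        authorizeTag.setIfAllGranted("ROLE_SUPERVISOR,ROLE_TELLER,ROLE_BANKER");
        assertEquals("prevents request - missing ROLE_BANKER on principal",
            Tag.SKIP_BODY, authorizeTag.doStartTag());
    }

    /**
     * <code>ifNotGranted</code> fails when the principal holds the listed
     * role.
     *
     * @throws JspException if the tag fails while evaluating
     */
    public void testSkipsBodyWhenNotGrantedUnsatisfied()
        throws JspException {
        authorizeTag.setIfNotGranted("ROLE_TELLER");
        assertEquals("prevents request - principal has ROLE_TELLER",
            Tag.SKIP_BODY, authorizeTag.doStartTag());
    }

    /**
     * Installs the fixture principal ("abc", granted ROLE_SUPERVISOR and
     * ROLE_TELLER) as the current <code>Authentication</code>.
     *
     * @throws Exception if the superclass set-up fails
     */
    protected void setUp() throws Exception {
        super.setUp();

        currentUser = new TestingAuthenticationToken("abc", "123",
                new GrantedAuthority[] {new GrantedAuthorityImpl(
                        "ROLE_SUPERVISOR"), new GrantedAuthorityImpl(
                        "ROLE_TELLER"),});

        SecurityContextHolder.getContext().setAuthentication(currentUser);
    }

    /**
     * Replaces the security context with an empty one so that the principal
     * set by one test cannot be observed by the next, then chains to the
     * superclass as setUp() does.
     *
     * @throws Exception if the superclass tear-down fails
     */
    protected void tearDown() throws Exception {
        try {
            // The holder is reached through static calls, so anything left in
            // it would outlive this TestCase instance.
            SecurityContextHolder.setContext(new SecurityContextImpl());
        } finally {
            super.tearDown();
        }
    }
}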