1   /* Copyright 2004, 2005 Acegi Technology Pty Limited
2    *
3    * Licensed under the Apache License, Version 2.0 (the "License");
4    * you may not use this file except in compliance with the License.
5    * You may obtain a copy of the License at
6    *
7    *     http://www.apache.org/licenses/LICENSE-2.0
8    *
9    * Unless required by applicable law or agreed to in writing, software
10   * distributed under the License is distributed on an "AS IS" BASIS,
11   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12   * See the License for the specific language governing permissions and
13   * limitations under the License.
14   */
15  
16  package org.acegisecurity.taglibs.velocity;
17  
18  import junit.framework.TestCase;
19  
20  import org.acegisecurity.GrantedAuthority;
21  import org.acegisecurity.GrantedAuthorityImpl;
22  
23  import org.acegisecurity.context.SecurityContextHolder;
24  import org.acegisecurity.context.SecurityContextImpl;
25  
26  import org.acegisecurity.providers.TestingAuthenticationToken;
27  
28  
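/**
 * Exercises the role checks exposed by {@link AuthzImpl}
 * ({@code allGranted}, {@code anyGranted}, {@code noneGranted}).
 *
 * <p>Each test runs against a fixture user holding {@code ROLE_SUPERVISOR}
 * and {@code ROLE_TELLER}, installed into the {@link SecurityContextHolder}
 * by {@link #setUp()}. Two tests clear the authentication first to check that
 * the positive checks deny when no principal is present.</p>
 *
 * <p>NOTE(review): {@code noneGranted} is never exercised without an
 * {@code Authentication} in this class. Pinning that case would make the
 * unauthenticated result of the negative check an explicit decision.</p>
 */
public class AuthzImplAuthorizeTagTest extends TestCase {
    //~ Instance fields ========================================================

    /** Object under test; the tests only call its three role-check methods. */
    private final Authz authz = new AuthzImpl();

    /** Fixture principal installed into the security context before each test. */
    private TestingAuthenticationToken currentUser;

    //~ Methods ================================================================

    /**
     * Installs a fixture user with ROLE_SUPERVISOR and ROLE_TELLER as the
     * current authentication.
     *
     * @throws Exception if the superclass set-up fails
     */
    protected void setUp() throws Exception {
        super.setUp();

        GrantedAuthority[] heldRoles = new GrantedAuthority[] {
                new GrantedAuthorityImpl("ROLE_SUPERVISOR"),
                new GrantedAuthorityImpl("ROLE_TELLER"),
            };

        // "abc"/"123" are throwaway fixture credentials, not real secrets.
        currentUser = new TestingAuthenticationToken("abc", "123", heldRoles);

        SecurityContextHolder.getContext().setAuthentication(currentUser);
    }

    /**
     * Replaces the security context with an empty one so the fixture
     * authentication cannot leak into tests that run later.
     *
     * @throws Exception if the superclass tear-down fails
     */
    protected void tearDown() throws Exception {
        SecurityContextHolder.setContext(new SecurityContextImpl());

        // Mirror setUp(), which chains to the superclass as well.
        super.tearDown();
    }

    /** With no authentication present, allGranted must deny. */
    public void testAlwaysReturnsUnauthorizedIfNoUserFound() {
        SecurityContextHolder.getContext().setAuthentication(null);

        // prevents request - no principal in Context; ROLE_TELLER is a role the
        // fixture user holds, so the denial is attributable to the missing principal
        assertFalse(authz.allGranted("ROLE_TELLER"));
    }

    /** An empty role list must never authorize, whichever check is used. */
    public void testDefaultsToNotOutputtingBodyWhenNoRequiredAuthorities() {
        // prevents body output - no required authorities were specified
        assertFalse(authz.allGranted(""));
        assertFalse(authz.anyGranted(""));
        assertFalse(authz.noneGranted(""));
    }

    /** anyGranted succeeds when the principal holds the single required role. */
    public void testOutputsBodyIfOneRolePresent() {
        // authorized - ROLE_TELLER in both sets
        assertTrue(authz.anyGranted("ROLE_TELLER"));
    }

    /** allGranted succeeds when the principal holds every required role. */
    public void testOutputsBodyWhenAllGranted() {
        // allows request - all required roles granted on principal
        assertTrue(authz.allGranted("ROLE_SUPERVISOR,ROLE_TELLER"));
    }

    /** noneGranted succeeds when the principal holds none of the listed roles. */
    public void testOutputsBodyWhenNotGrantedSatisfied() {
        // allows request - principal doesn't have ROLE_BANKER
        assertTrue(authz.noneGranted("ROLE_BANKER"));
    }

    /** With no authentication present, anyGranted must deny. */
    public void testPreventsBodyOutputIfNoSecureContext() {
        SecurityContextHolder.getContext().setAuthentication(null);

        // prevents output - no context defined
        assertFalse(authz.anyGranted("ROLE_BANKER"));

        // ROLE_BANKER is not held by the fixture user either, so the assertion
        // above would pass even if the cleared authentication were ignored.
        // Checking a role the fixture does hold pins the denial on the missing
        // authentication.
        assertFalse(authz.anyGranted("ROLE_TELLER"));
    }

    /** anyGranted denies when the principal holds none of the required roles. */
    public void testSkipsBodyIfNoAnyRolePresent() {
        // unauthorized - ROLE_BANKER not in granted authorities
        assertFalse(authz.anyGranted("ROLE_BANKER"));
    }

    /** allGranted denies when even one required role is missing. */
    public void testSkipsBodyWhenMissingAnAllGranted() {
        // prevents request - missing ROLE_BANKER on principal
        assertFalse(authz.allGranted("ROLE_SUPERVISOR,ROLE_TELLER,ROLE_BANKER"));
    }

    /** noneGranted denies when the principal holds a listed role. */
    public void testSkipsBodyWhenNotGrantedUnsatisfied() {
        // prevents request - principal has ROLE_TELLER
        assertFalse(authz.noneGranted("ROLE_TELLER"));
    }
}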