AbstractAuthorizationAnnotationTest.java

/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 */
package org.apache.shiro.spring.security.interceptor;

import org.apache.shiro.authz.UnauthenticatedException;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.subject.support.SubjectThreadState;
import org.apache.shiro.util.ThreadState;
import org.junit.After;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;

/**
 * Common method tests across implementations.  In actuality, the methods don't change across
 * subclasses - only the mechanism that enables AOP pointcuts and applies advice.  Those differences
 * are in spring configuration only.
 *
 * @since 1.1
 */
@RunWith(SpringJUnit4ClassRunner.class)
@ContextConfiguration
public abstract class AbstractAuthorizationAnnotationTest {

    @Autowired
    protected TestService testService;
    @Autowired
    private org.apache.shiro.mgt.SecurityManager securityManager;
    @Autowired
    private Realm realm;

    private ThreadState threadState;

    protected void bind(Subject subject) {
        clearSubject();
        this.threadState = new SubjectThreadState(subject);
        this.threadState.bind();
    }

    @After
    public void clearSubject() {
        if (threadState != null) {
            threadState.clear();
        }
    }

    protected void bindGuest() {
        bind(new Subject.Builder(securityManager).buildSubject());
    }

    protected void bindUser() {
        PrincipalCollection principals = new SimplePrincipalCollection("test", realm.getName());
        bind(new Subject.Builder(securityManager).principals(principals).buildSubject());
    }

    protected void bindAuthenticatedUser() {
        PrincipalCollection principals = new SimplePrincipalCollection("test", realm.getName());
        bind(new Subject.Builder(securityManager).
                principals(principals).authenticated(true).buildSubject());
    }

    // GUEST OPERATIONS:

    @Test
    public void testGuestImplementation() {
        bindGuest();
        testService.guestImplementation();
    }

    @Test(expected = UnauthenticatedException.class)
    public void testGuestImplementationFailure() {
        bindUser();
        testService.guestImplementation();
    }

    @Test
    public void testGuestInterface() {
        bindGuest();
        testService.guestInterface();
    }
    //testGuestInterfaceFailure() cannot be in this class - the SchemaAuthorizationAnnotationTest
    //subclass does not support annotations on interfaces (Spring AspectJ pointcut expressions
    //do not support annotations on interface methods).  It is instead in the
    //DapcAuthorizationAnnotationTest subclass


    // USER OPERATIONS

    @Test
    public void testUserImplementation() {
        bindUser();
        testService.userImplementation();
    }

    @Test(expected = UnauthenticatedException.class)
    public void testUserImplementationFailure() {
        bindGuest();
        testService.userImplementation();
    }

    @Test
    public void testUserInterface() {
        bindUser();
        testService.userInterface();
    }
    //testUserInterfaceFailure() cannot be in this class - the SchemaAuthorizationAnnotationTest
    //subclass does not support annotations on interfaces (Spring AspectJ pointcut expressions
    //do not support annotations on interface methods).  It is instead in the
    //DapcAuthorizationAnnotationTest subclass


    // AUTHENTICATED USER OPERATIONS

    @Test
    public void testAuthenticatedImplementation() {
        bindAuthenticatedUser();
        testService.authenticatedImplementation();
    }

    @Test(expected = UnauthenticatedException.class)
    public void testAuthenticatedImplementationFailure() {
        bindUser();
        testService.authenticatedImplementation();
    }

    @Test
    public void testAuthenticatedInterface() {
        bindAuthenticatedUser();
        testService.authenticatedInterface();
    }
    //testAuthenticatedInterfaceFailure() cannot be in this class - the SchemaAuthorizationAnnotationTest
    //subclass does not support annotations on interfaces (Spring AspectJ pointcut expressions
    //do not support annotations on interface methods).  It is instead in the
    //DapcAuthorizationAnnotationTest subclass
}