SecureCatalogIntegrationTest.java example

Explorer

geoserver-master
- doc
  - en
    - developer
      - source
        programming-guide
        ows-services
        hello
        src
        main
        java
        HelloWorld.java
        web-ui
        ComponentInfo.java
    - user
      - source
        security
        tutorials
        ldap
        acme-ldap
        src
        main
        java
        org
        acme
        Ldap.java
- src

/* (c) 2014 Open Source Geospatial Foundation - all rights reserved
 * (c) 2001 - 2013 OpenPlans
 * This code is licensed under the GPL 2.0 license, available at the root
 * application directory.
 */
package org.geoserver.security.impl;

import static org.junit.Assert.fail;

import java.io.File;

import org.geoserver.data.test.MockData;
import org.geoserver.data.test.SystemTestData;
import org.geoserver.security.decorators.ReadOnlyDataStoreTest;
import org.geoserver.test.GeoServerSystemTestSupport;
import org.geoserver.test.SystemTest;
import org.geoserver.util.IOUtils;
import org.geotools.data.FeatureSource;
import org.geotools.data.FeatureStore;
import org.geotools.feature.FeatureCollection;
import org.junit.Test;
import org.junit.experimental.categories.Category;
import org.opengis.filter.Filter;

/**
 * Tests that security rules are applied in a real simulation of a GeoServer
 * startup (loading the Spring context, reading the catalog and whatnot)
 * 
 * @author Andrea Aime - GeoSolutions
 * 
 */
@Category(SystemTest.class)
public class SecureCatalogIntegrationTest extends GeoServerSystemTestSupport {

    @Override
    protected void setUpTestData(SystemTestData testData) throws Exception {
        super.setUpTestData(testData);

        File security = new File(testData.getDataDirectoryRoot(), "security");
        File layers = new File(security, "layers.properties");
        IOUtils.copy(SecureCatalogIntegrationTest.class
                .getResourceAsStream("functional.properties"), layers);
    }

    @Test
    public void testFullAccess() throws Exception {
        FeatureSource source = getFeatureSource(MockData.LINES);
        FeatureCollection fc = source.getFeatures();
        FeatureStore store = (FeatureStore) source;
        store.removeFeatures(Filter.INCLUDE);
    }

    @Test
    public void testCannotRead() throws Exception {
        try {
            getFeatureSource(MockData.BUILDINGS);
            fail("This should have failed with a security exception!");
        } catch (Exception e) {
            if (ReadOnlyDataStoreTest.isSpringSecurityException(e)==false)
                fail("Should have failed with a security exception");
        }
    }

    @Test
    public void testCannotWrite() throws Exception {
        FeatureStore fs = (FeatureStore) getFeatureSource(MockData.DELETES);
                
        try {
            fs.removeFeatures(Filter.INCLUDE);
            fail("This should have failed with a security exception!");
        } catch (Exception e) {
            if (ReadOnlyDataStoreTest.isSpringSecurityException(e)==false)
                fail("Should have failed with a security exception");
        }
    }
}