MdoAuthorizationServiceImplTest.java

package fr.mch.mdo.restaurant.services.authorization.jaas;

import java.security.Policy;

import javax.security.auth.Subject;

import junit.framework.Test;
import junit.framework.TestSuite;
import fr.mch.mdo.restaurant.authentication.IMdoAuthenticationService;
import fr.mch.mdo.restaurant.authorization.IMdoAuthorizationService;
import fr.mch.mdo.restaurant.dto.beans.MdoUserContext;
import fr.mch.mdo.restaurant.exception.MdoException;
import fr.mch.mdo.restaurant.resources.IResources;
import fr.mch.mdo.restaurant.services.authentication.jaas.MdoAuthenticationServiceImpl;
import fr.mch.mdo.restaurant.services.jaas.MdoAuthenticationBasicTestCase;
import fr.mch.mdo.test.MdoTestCase;

/**
 * @author Mathieu MA
 * 
 *         To change this generated comment edit the template variable
 *         "typecomment": Window>Preferences>Java>Templates. To enable and
 *         disable the creation of type comments go to
 *         Window>Preferences>Java>Code Generation.
 */
public class MdoAuthorizationServiceImplTest extends MdoAuthenticationBasicTestCase {
	/**
	 * Create the test case
	 * 
	 * @param testName
	 *            name of the test case
	 */
	public MdoAuthorizationServiceImplTest(String testName) {
		super(testName);
	}

	/**
	 * @return the suite of tests being tested
	 */
	public static Test suite() {
		return new TestSuite(MdoAuthorizationServiceImplTest.class);
	}

	public void testGetInstance() {
		IMdoAuthorizationService iMdoAuthorizationService = MdoAuthorizationServiceImpl.getInstance();
		assertTrue(iMdoAuthorizationService instanceof MdoAuthorizationServiceImpl);
	}

	public void testGetPermission() {
		IMdoAuthorizationService iMdoAuthorizationService = MdoAuthorizationServiceImpl.getInstance();
		assertTrue("Check the getPermission method", iMdoAuthorizationService.getPermission("/administration/LocalesManager") instanceof URLPermission);
	}

	public void testPermitted() {

		String authPolicyPath = null;
		try {
			// Don't use URL.getFile or URL.getPath instead convert to URI first
			// Because when using URL and the path contains space then the
			// URL.getFile or URL.getPath will convert space to "%20"
			authPolicyPath = IResources.class.getResource("jaas/montagnesdorjaasTest.policy").toURI().getPath();
		} catch (Exception e) {
			fail(MdoTestCase.DEFAULT_FAILED_MESSAGE + " " + e.getMessage());
		}
		// Gives the client the JAAS permissions it needs
		System.setProperty("java.security.auth.policy", authPolicyPath);

		Policy.getPolicy().refresh();

		IMdoAuthorizationService iMdoAuthorizationService = MdoAuthorizationServiceImpl.getInstance();
		Subject subject = new Subject();
		subject.getPrincipals().add(new TypedPrincipal("GLOBAL_ADMINISTRATOR"));
		String pageReqPermission = "/administration/LocalesManager";
		assertEquals("Check permitted method", pageReqPermission, iMdoAuthorizationService.permitted(subject, pageReqPermission));

		subject = new Subject();
		subject.getPrincipals().add(new TypedPrincipal("TATA"));
		// Every body could access to this page
		pageReqPermission = "/administration/Logon";
		assertEquals("Check permitted method", pageReqPermission, iMdoAuthorizationService.permitted(subject, pageReqPermission));

		subject = new Subject();
		subject.getPrincipals().add(new TypedPrincipal("USER"));
		// USER could not access to this page
		pageReqPermission = "/administration/LocalesManager";
		assertNull("Check permitted method", iMdoAuthorizationService.permitted(subject, pageReqPermission));

		subject = new Subject();
		subject.getPrincipals().add(new TypedPrincipal("TITI"));
		// USER could not access to this page
		pageReqPermission = "/administration/UserRolesManager";
		assertNull("Check permitted method", iMdoAuthorizationService.permitted(subject, pageReqPermission));

		subject = new Subject();
		subject.getPrincipals().add(new TypedPrincipal("TOTO"));
		// TOTO could not access to this page
		pageReqPermission = "/administration/RestaurantsManager";
		assertNull("Check permitted method", iMdoAuthorizationService.permitted(subject, pageReqPermission));
		subject.getPrincipals().add(new TypedPrincipal("TITI"));
		// TITI and TOTO could access to this page
		pageReqPermission = "/administration/UserRolesManager";
		assertEquals("Check permitted method", pageReqPermission, iMdoAuthorizationService.permitted(subject, pageReqPermission));

	}

	public void testNominalUseCase() {
		IMdoAuthenticationService iMdoAuthenticationService = MdoAuthenticationServiceImpl.getInstance();
		MdoUserContext userContext = null;
		try {
			userContext = (MdoUserContext) iMdoAuthenticationService.authenticate("mch", "mch");
		} catch (MdoException e) {
			fail(MdoTestCase.DEFAULT_FAILED_MESSAGE + " " + e.getMessage());
		}
		IMdoAuthorizationService iMdoAuthorizationService = MdoAuthorizationServiceImpl.getInstance();
		iMdoAuthorizationService.permitted(userContext.getSubject(), "/administration/LocalesManager");
	}
}