AclScannerTest.java

/**
 * Licensed to The Apereo Foundation under one or more contributor license
 * agreements. See the NOTICE file distributed with this work for additional
 * information regarding copyright ownership.
 *
 *
 * The Apereo Foundation licenses this file to you under the Educational
 * Community License, Version 2.0 (the "License"); you may not use this file
 * except in compliance with the License. You may obtain a copy of the License
 * at:
 *
 *   http://opensource.org/licenses/ecl2.txt
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  See the
 * License for the specific language governing permissions and limitations under
 * the License.
 *
 */

package org.opencastproject.authorization.xacml.manager.impl;

import static org.easymock.EasyMock.anyLong;
import static org.easymock.EasyMock.anyObject;
import static org.easymock.EasyMock.anyString;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;

import org.opencastproject.authorization.xacml.manager.api.AclService;
import org.opencastproject.authorization.xacml.manager.api.AclServiceFactory;
import org.opencastproject.authorization.xacml.manager.api.EpisodeACLTransition;
import org.opencastproject.authorization.xacml.manager.api.ManagedAcl;
import org.opencastproject.authorization.xacml.manager.api.SeriesACLTransition;
import org.opencastproject.authorization.xacml.manager.api.TransitionQuery;
import org.opencastproject.message.broker.api.MessageSender;
import org.opencastproject.security.api.AccessControlList;
import org.opencastproject.security.api.DefaultOrganization;
import org.opencastproject.security.api.Organization;
import org.opencastproject.security.api.OrganizationDirectoryService;
import org.opencastproject.security.api.SecurityService;
import org.opencastproject.security.impl.jpa.JpaOrganization;
import org.opencastproject.util.data.Option;

import org.easymock.EasyMock;
import org.junit.Before;
import org.junit.Ignore;
import org.junit.Test;

import java.io.File;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;

import javax.xml.bind.JAXBException;
import javax.xml.bind.UnmarshalException;

public class AclScannerTest {

  private AclDb aclDb;
  private OrganizationDirectoryService orgService;
  private AclScanner aclScanner;

  @Before
  public void setUp() throws Exception {
    Organization org1 = new JpaOrganization("org1", "org1", new HashMap<String, Integer>(), "ADMIN", "ANONYMOUS",
            new HashMap<String, String>());
    Organization org2 = new JpaOrganization("org2", "org2", new HashMap<String, Integer>(), "ADMIN", "ANONYMOUS",
            new HashMap<String, String>());
    Organization org3 = new JpaOrganization("org3", "org3", new HashMap<String, Integer>(), "ADMIN", "ANONYMOUS",
            new HashMap<String, String>());

    List<Organization> orgs = new ArrayList<>();
    orgs.add(org1);
    orgs.add(org2);
    orgs.add(org3);

    aclDb = EasyMock.createNiceMock(AclDb.class);

    orgService = EasyMock.createNiceMock(OrganizationDirectoryService.class);
    EasyMock.expect(orgService.getOrganizations()).andReturn(orgs).anyTimes();

    final SecurityService securityService = EasyMock.createNiceMock(SecurityService.class);

    final MessageSender messageSender = EasyMock.createNiceMock(MessageSender.class);

    final AclTransitionDb aclTransitionDb = EasyMock.createNiceMock(AclTransitionDb.class);
    List<EpisodeACLTransition> episodeTransitions = new ArrayList<>();
    List<SeriesACLTransition> seriesTransitions = new ArrayList<>();
    EasyMock.expect(aclTransitionDb.getByQuery(EasyMock.anyObject(Organization.class),
            EasyMock.anyObject(TransitionQuery.class)))
            .andReturn(new TransitionResultImpl(episodeTransitions, seriesTransitions)).anyTimes();

    // EasyMock.replay(aclDb);
    EasyMock.replay(orgService, messageSender, aclTransitionDb, securityService);

    AclServiceFactory aclServiceFactory = new AclServiceFactory() {
      @Override
      public AclService serviceFor(Organization org) {
        return new AclServiceImpl(new DefaultOrganization(), aclDb, aclTransitionDb, null, null, null, null,
                messageSender, null);
      }
    };

    aclScanner = new AclScanner();
    aclScanner.setAclServiceFactory(aclServiceFactory);
    aclScanner.setOrganizationDirectoryService(orgService);
    aclScanner.setSecurityService(securityService);
  }

  @Test
  @Ignore
  public void testCanHandle() {
    File wrongDirectory = EasyMock.createNiceMock(File.class);
    EasyMock.expect(wrongDirectory.getName()).andReturn("wrong").anyTimes();
    EasyMock.replay(wrongDirectory);

    File correctDirectory = EasyMock.createNiceMock(File.class);
    EasyMock.expect(correctDirectory.getName()).andReturn(AclScanner.ACL_DIRECTORY).anyTimes();
    EasyMock.replay(correctDirectory);

    File wrongFilenameWrongDirectory = EasyMock.createNiceMock(File.class);
    EasyMock.expect(wrongFilenameWrongDirectory.getParentFile()).andReturn(wrongDirectory);
    EasyMock.expect(wrongFilenameWrongDirectory.getName()).andReturn("wrong.properties");
    EasyMock.replay(wrongFilenameWrongDirectory);

    File wrongFilenameRightDirectory = EasyMock.createNiceMock(File.class);
    EasyMock.expect(wrongFilenameRightDirectory.getParentFile()).andReturn(correctDirectory);
    EasyMock.expect(wrongFilenameRightDirectory.getName()).andReturn("wrong.properties");
    EasyMock.replay(wrongFilenameRightDirectory);

    File rightFilenameWrongDirectory = EasyMock.createNiceMock(File.class);
    EasyMock.expect(rightFilenameWrongDirectory.getParentFile()).andReturn(wrongDirectory);
    EasyMock.expect(rightFilenameWrongDirectory.getName()).andReturn("right.xml");
    EasyMock.replay(rightFilenameWrongDirectory);

    File rightFilenameRightDirectory = EasyMock.createNiceMock(File.class);
    EasyMock.expect(rightFilenameRightDirectory.getParentFile()).andReturn(correctDirectory).anyTimes();
    EasyMock.expect(rightFilenameRightDirectory.getName()).andReturn("right.xml").anyTimes();
    EasyMock.replay(rightFilenameRightDirectory);

    AclScanner listProvidersScanner = new AclScanner();
    assertFalse(listProvidersScanner.canHandle(wrongFilenameWrongDirectory));
    assertFalse(listProvidersScanner.canHandle(wrongFilenameRightDirectory));
    assertFalse(listProvidersScanner.canHandle(rightFilenameWrongDirectory));
    assertTrue(listProvidersScanner.canHandle(rightFilenameRightDirectory));
  }

  @Test
  public void testCorrectFileInstall() throws Exception {
    File file = new File(AclScannerTest.class.getResource("/xacml_correct.xml").getFile());

    ManagedAcl acl = new ManagedAclImpl(1L, "TestAcl", "org", new AccessControlList());
    Option<ManagedAcl> managedAcl = Option.some(acl);
    EasyMock.expect(aclDb.createAcl(anyObject(Organization.class), anyObject(AccessControlList.class), anyString()))
            .andReturn(managedAcl).times(3);
    EasyMock.expect(aclDb.getAcls(anyObject(Organization.class))).andReturn(new ArrayList<ManagedAcl>()).times(3);
    EasyMock.replay(aclDb);

    aclScanner.install(file);

    EasyMock.verify(aclDb);
  }

  @Test
  public void testCorruptedFileInstall() throws Exception {
    File file = new File(AclScannerTest.class.getResource("/xacml_errors.xml").getFile());

    try {
      aclScanner.install(file);
      fail("Should not be parsed.");
    } catch (JAXBException e) {
      assertTrue("The file can not be parsed.", e instanceof UnmarshalException);
    }
  }

  @Test
  public void testCorrectFileUpdate() throws Exception {
    File file = new File(AclScannerTest.class.getResource("/xacml_correct.xml").getFile());

    ManagedAcl acl = new ManagedAclImpl(1L, "TestAcl", "org", new AccessControlList());
    Option<ManagedAcl> managedAcl = Option.some(acl);
    EasyMock.expect(aclDb.createAcl(anyObject(Organization.class), anyObject(AccessControlList.class), anyString()))
            .andReturn(managedAcl).times(3);
    EasyMock.expect(aclDb.getAcl(anyObject(Organization.class), anyLong())).andReturn(managedAcl).times(3);
    EasyMock.expect(aclDb.updateAcl(anyObject(ManagedAcl.class))).andReturn(true).times(3);
    EasyMock.expect(aclDb.getAcls(anyObject(Organization.class))).andReturn(new ArrayList<ManagedAcl>()).times(3);
    EasyMock.replay(aclDb);

    aclScanner.install(file);

    aclScanner.update(file);

    EasyMock.verify(aclDb);
  }

  @Test
  public void testMissingFileUpdate() throws Exception {
    File file1 = new File(AclScannerTest.class.getResource("/xacml_correct.xml").getFile());
    File file2 = new File(AclScannerTest.class.getResource("/xacml_correct2.xml").getFile());

    ManagedAcl acl = new ManagedAclImpl(1L, "TestAcl", "org", new AccessControlList());
    Option<ManagedAcl> managedAcl = Option.some(acl);
    EasyMock.expect(aclDb.createAcl(anyObject(Organization.class), anyObject(AccessControlList.class), anyString()))
            .andReturn(managedAcl).times(3);
    EasyMock.expect(aclDb.getAcls(anyObject(Organization.class))).andReturn(new ArrayList<ManagedAcl>()).times(3);
    EasyMock.replay(aclDb);

    aclScanner.install(file1);

    aclScanner.update(file2);

    EasyMock.verify(aclDb);
  }

  @Test
  public void testCorruptedFileUpdate() throws Exception {
    File file = new File(AclScannerTest.class.getResource("/xacml_errors.xml").getFile());

    try {
      aclScanner.update(file);
      fail("Should not be parsed.");
    } catch (JAXBException e) {
      assertTrue("The file can not be parsed.", e instanceof UnmarshalException);
    }
  }

  @Test
  public void testRemoveFile() throws Exception {
    File file1 = new File(AclScannerTest.class.getResource("/xacml_correct.xml").getFile());
    Long id = 1L;
    String org = "org";
    ManagedAcl acl = new ManagedAclImpl(id, "TestAcl", org, new AccessControlList());
    Option<ManagedAcl> managedAcl = Option.some(acl);
    EasyMock.expect(aclDb.createAcl(anyObject(Organization.class), anyObject(AccessControlList.class), anyString()))
            .andReturn(managedAcl).times(3);
    EasyMock.expect(aclDb.getAcl(EasyMock.anyObject(Organization.class), anyLong())).andReturn(managedAcl).times(3);
    EasyMock.expect(aclDb.deleteAcl(anyObject(Organization.class), anyLong())).andReturn(true).times(3);
    EasyMock.expect(aclDb.getAcls(anyObject(Organization.class))).andReturn(new ArrayList<ManagedAcl>()).times(3);
    EasyMock.replay(aclDb);

    aclScanner.install(file1);
    aclScanner.uninstall(file1);

    EasyMock.verify(aclDb);
  }

  @Test
  public void testRemoveMissingFile() throws Exception {
    File file1 = new File(AclScannerTest.class.getResource("/xacml_correct.xml").getFile());
    File file2 = new File(AclScannerTest.class.getResource("/xacml_correct2.xml").getFile());
    ManagedAcl acl = new ManagedAclImpl(1L, "TestAcl", "org", new AccessControlList());
    Option<ManagedAcl> managedAcl = Option.some(acl);
    EasyMock.expect(aclDb.createAcl(anyObject(Organization.class), anyObject(AccessControlList.class), anyString()))
            .andReturn(managedAcl).times(3);
    EasyMock.expect(aclDb.getAcls(anyObject(Organization.class))).andReturn(new ArrayList<ManagedAcl>()).times(3);
    EasyMock.replay(aclDb);

    aclScanner.install(file1);
    aclScanner.uninstall(file2);

    EasyMock.verify(aclDb);
  }

}