/*
* JBoss, Home of Professional Open Source
*
* Copyright 2015 Red Hat, Inc. and/or its affiliates.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.wildfly.security.authz.jacc;
import org.junit.rules.TestRule;
import org.junit.runner.Description;
import org.junit.runners.model.Statement;
import org.wildfly.security.auth.server.SecurityDomain;
import org.wildfly.security.auth.server.SecurityIdentity;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.annotation.Target;
import java.security.PrivilegedAction;
/**
* @author <a href="mailto:psilva@redhat.com">Pedro Igor</a>
*/
public class SecurityIdentityRule implements TestRule {
private SecurityDomain securityDomain;
public SecurityIdentityRule(SecurityDomain securityDomain) {
this.securityDomain = securityDomain;
}
@Override
public Statement apply(Statement base, Description description) {
RunAs runAs = description.getAnnotation(RunAs.class);
if (runAs == null) {
runAs = description.getTestClass().getAnnotation(RunAs.class);
}
if (runAs == null) {
throw new RuntimeException("@RunAs is missing on test method or test class.");
}
final SecurityIdentity runAsIdentity = runAs.value().equals("anonymous") ?
securityDomain.getCurrentSecurityIdentity().createRunAsAnonymous() :
securityDomain.getCurrentSecurityIdentity().createRunAsIdentity(runAs.value());
return new RunAsSecurityIdentity(base, runAsIdentity);
}
public class RunAsSecurityIdentity extends Statement {
private final SecurityIdentity authorizedIdentity;
private final Statement delegate;
public RunAsSecurityIdentity(Statement delegate, SecurityIdentity authorizedIdentity) {
this.delegate = delegate;
this.authorizedIdentity = authorizedIdentity;
}
@Override
public void evaluate() throws Throwable {
this.authorizedIdentity.runAs((PrivilegedAction<Void>) () -> {
try {
this.delegate.evaluate();
} catch (Throwable cause) {
throw new RuntimeException("Error while evaluating test method.", cause);
}
return null;
});
}
}
@Retention(RetentionPolicy.RUNTIME)
@Target({ElementType.TYPE, ElementType.METHOD})
public @interface RunAs {
String value();
}
}