Search in sources :

Example 1 with ClientWhitelist

use of org.apache.tapestry5.services.security.ClientWhitelist in project tapestry-5 by apache.

the class ComponentEventDispatcherTest method request_for_whitelist_only_page_from_client_not_on_whitelist.

@Test
public void request_for_whitelist_only_page_from_client_not_on_whitelist() throws IOException {
    String requestPath = "/foo/MyPage:anevent";
    String localeName = "foo";
    String containerPageName = "foo/MyPage";
    ComponentRequestHandler handler = mockComponentRequestHandler();
    Request request = mockRequest();
    Response response = mockResponse();
    ComponentClassResolver resolver = mockComponentClassResolver();
    LocalizationSetter localizationSetter = mockLocalizationSetter();
    MetaDataLocator metaDataLocator = newMock(MetaDataLocator.class);
    ClientWhitelist whitelist = newMock(ClientWhitelist.class);
    train_getPath(request, requestPath);
    expect(localizationSetter.isSupportedLocaleName("foo")).andReturn(false);
    train_isPageName(resolver, containerPageName, true);
    train_canonicalizePageName(resolver, containerPageName, containerPageName);
    expect(metaDataLocator.findMeta(MetaDataConstants.WHITELIST_ONLY_PAGE, containerPageName, boolean.class)).andReturn(true);
    expect(whitelist.isClientRequestOnWhitelist()).andReturn(false);
    replay();
    Dispatcher dispatcher = new ComponentEventDispatcher(handler, new ComponentEventLinkEncoderImpl(resolver, contextPathEncoder, localizationSetter, response, null, null, null, true, null, "", metaDataLocator, whitelist));
    assertFalse(dispatcher.dispatch(request, response));
    verify();
}
Also used : Response(org.apache.tapestry5.http.services.Response) ClientWhitelist(org.apache.tapestry5.services.security.ClientWhitelist) Request(org.apache.tapestry5.http.services.Request) ComponentClassResolver(org.apache.tapestry5.services.ComponentClassResolver) ComponentRequestHandler(org.apache.tapestry5.services.ComponentRequestHandler) LocalizationSetter(org.apache.tapestry5.services.LocalizationSetter) Dispatcher(org.apache.tapestry5.http.services.Dispatcher) MetaDataLocator(org.apache.tapestry5.services.MetaDataLocator) Test(org.testng.annotations.Test)

Example 2 with ClientWhitelist

use of org.apache.tapestry5.services.security.ClientWhitelist in project tapestry-5 by apache.

the class ComponentEventLinkEncoderImplTest method page_requires_whitelist_and_client_on_whitelist.

@Test
public void page_requires_whitelist_and_client_on_whitelist() throws Exception {
    ComponentClassResolver resolver = mockComponentClassResolver();
    Request request = mockRequest(false);
    LocalizationSetter ls = mockLocalizationSetter();
    MetaDataLocator metaDataLocator = mockMetaDataLocator();
    ClientWhitelist whitelist = newMock(ClientWhitelist.class);
    String path = "/foo/Bar";
    train_getPath(request, path);
    train_setLocaleFromLocaleName(ls, "foo", false);
    train_isPageName(resolver, "foo/Bar", true);
    train_canonicalizePageName(resolver, "foo/Bar", "foo/bar");
    expect(metaDataLocator.findMeta(MetaDataConstants.WHITELIST_ONLY_PAGE, "foo/bar", boolean.class)).andReturn(true);
    expect(whitelist.isClientRequestOnWhitelist()).andReturn(true);
    replay();
    ComponentEventLinkEncoderImpl linkEncoder = new ComponentEventLinkEncoderImpl(resolver, contextPathEncoder, ls, null, null, null, null, true, null, "", metaDataLocator, whitelist);
    PageRenderRequestParameters parameters = linkEncoder.decodePageRenderRequest(request);
    assertEquals(parameters.getLogicalPageName(), "foo/bar");
    assertEquals(parameters.getActivationContext().getCount(), 0);
    assertFalse(parameters.isLoopback());
    verify();
}
Also used : ClientWhitelist(org.apache.tapestry5.services.security.ClientWhitelist) PageRenderRequestParameters(org.apache.tapestry5.services.PageRenderRequestParameters) ComponentClassResolver(org.apache.tapestry5.services.ComponentClassResolver) Request(org.apache.tapestry5.http.services.Request) LocalizationSetter(org.apache.tapestry5.services.LocalizationSetter) MetaDataLocator(org.apache.tapestry5.services.MetaDataLocator) Test(org.testng.annotations.Test)

Example 3 with ClientWhitelist

use of org.apache.tapestry5.services.security.ClientWhitelist in project tapestry-5 by apache.

the class ComponentEventLinkEncoderImplTest method page_requires_whitelist_and_client_not_on_whitelist.

@Test
public void page_requires_whitelist_and_client_not_on_whitelist() {
    ComponentClassResolver resolver = mockComponentClassResolver();
    Request request = mockRequest();
    LocalizationSetter ls = mockLocalizationSetter();
    MetaDataLocator metaDataLocator = mockMetaDataLocator();
    ClientWhitelist whitelist = newMock(ClientWhitelist.class);
    String path = "/foo/Bar";
    train_getPath(request, path);
    train_setLocaleFromLocaleName(ls, "foo", false);
    train_isPageName(resolver, "foo/Bar", true);
    train_canonicalizePageName(resolver, "foo/Bar", "foo/bar");
    expect(metaDataLocator.findMeta(MetaDataConstants.WHITELIST_ONLY_PAGE, "foo/bar", boolean.class)).andReturn(true);
    expect(whitelist.isClientRequestOnWhitelist()).andReturn(false);
    train_isPageName(resolver, "foo", false);
    train_isPageName(resolver, "", false);
    replay();
    ComponentEventLinkEncoderImpl linkEncoder = new ComponentEventLinkEncoderImpl(resolver, contextPathEncoder, ls, null, null, null, null, true, null, "", metaDataLocator, whitelist);
    assertNull(linkEncoder.decodePageRenderRequest(request));
    verify();
}
Also used : ClientWhitelist(org.apache.tapestry5.services.security.ClientWhitelist) ComponentClassResolver(org.apache.tapestry5.services.ComponentClassResolver) Request(org.apache.tapestry5.http.services.Request) LocalizationSetter(org.apache.tapestry5.services.LocalizationSetter) MetaDataLocator(org.apache.tapestry5.services.MetaDataLocator) Test(org.testng.annotations.Test)

Example 4 with ClientWhitelist

use of org.apache.tapestry5.services.security.ClientWhitelist in project tapestry-5 by apache.

the class ComponentEventDispatcherTest method request_for_whitelist_only_page_from_valid_client.

@Test
public void request_for_whitelist_only_page_from_valid_client() throws IOException {
    String containerPageName = "foo/MyPage";
    ComponentRequestHandler handler = mockComponentRequestHandler();
    Request request = mockRequest();
    Response response = mockResponse();
    ComponentClassResolver resolver = mockComponentClassResolver();
    LocalizationSetter localizationSetter = mockLocalizationSetter();
    MetaDataLocator metaDataLocator = newMock(MetaDataLocator.class);
    ClientWhitelist whitelist = newMock(ClientWhitelist.class);
    ComponentEventRequestParameters expectedParameters = new ComponentEventRequestParameters(containerPageName, containerPageName, "", "anevent", new EmptyEventContext(), new EmptyEventContext());
    train_getPath(request, "/foo/MyPage:anevent");
    expect(localizationSetter.isSupportedLocaleName("foo")).andReturn(false);
    train_isPageName(resolver, containerPageName, true);
    train_canonicalizePageName(resolver, containerPageName, containerPageName);
    expect(metaDataLocator.findMeta(MetaDataConstants.WHITELIST_ONLY_PAGE, containerPageName, boolean.class)).andReturn(true);
    expect(whitelist.isClientRequestOnWhitelist()).andReturn(true);
    train_getParameter(request, InternalConstants.PAGE_CONTEXT_NAME, null);
    train_getParameter(request, InternalConstants.CONTAINER_PAGE_NAME, null);
    expect(request.getAttribute(InternalConstants.REFERENCED_COMPONENT_NOT_FOUND)).andStubReturn(null);
    train_for_request_locale(request, localizationSetter);
    handler.handleComponentEvent(expectedParameters);
    replay();
    Dispatcher dispatcher = new ComponentEventDispatcher(handler, new ComponentEventLinkEncoderImpl(resolver, contextPathEncoder, localizationSetter, response, null, null, null, true, null, "", metaDataLocator, whitelist));
    assertTrue(dispatcher.dispatch(request, response));
    verify();
}
Also used : ClientWhitelist(org.apache.tapestry5.services.security.ClientWhitelist) Request(org.apache.tapestry5.http.services.Request) LocalizationSetter(org.apache.tapestry5.services.LocalizationSetter) Dispatcher(org.apache.tapestry5.http.services.Dispatcher) Response(org.apache.tapestry5.http.services.Response) ComponentEventRequestParameters(org.apache.tapestry5.services.ComponentEventRequestParameters) EmptyEventContext(org.apache.tapestry5.internal.EmptyEventContext) ComponentClassResolver(org.apache.tapestry5.services.ComponentClassResolver) ComponentRequestHandler(org.apache.tapestry5.services.ComponentRequestHandler) MetaDataLocator(org.apache.tapestry5.services.MetaDataLocator) Test(org.testng.annotations.Test)

Aggregations

Request (org.apache.tapestry5.http.services.Request)4 ComponentClassResolver (org.apache.tapestry5.services.ComponentClassResolver)4 LocalizationSetter (org.apache.tapestry5.services.LocalizationSetter)4 MetaDataLocator (org.apache.tapestry5.services.MetaDataLocator)4 ClientWhitelist (org.apache.tapestry5.services.security.ClientWhitelist)4 Test (org.testng.annotations.Test)4 Dispatcher (org.apache.tapestry5.http.services.Dispatcher)2 Response (org.apache.tapestry5.http.services.Response)2 ComponentRequestHandler (org.apache.tapestry5.services.ComponentRequestHandler)2 EmptyEventContext (org.apache.tapestry5.internal.EmptyEventContext)1 ComponentEventRequestParameters (org.apache.tapestry5.services.ComponentEventRequestParameters)1 PageRenderRequestParameters (org.apache.tapestry5.services.PageRenderRequestParameters)1