
Example 11 with WikiSession

use of org.apache.wiki.WikiSession in project jspwiki by apache.

the class AuthorizationManagerTest method testUserPolicy.

/**
 * Checks the static permission matrix when the engine is started with the
 * {@code jspwiki-testUserPolicy.policy} policy file rather than the default policy.
 *
 * <p>Asserted outcome: anonymous and asserted sessions are denied every permission
 * checked; Bob and Janne (authenticated) get view, edit, comment, modify, upload and
 * delete, but not rename or any wiki-level permission; the admin session gets view only.
 * The policy file is not part of this listing, so these expectations presumably mirror
 * its grants; keep the two in sync when either changes.
 *
 * <p>Note that this test replaces the shared {@code m_engine}, {@code m_auth},
 * {@code m_groupMgr} and {@code m_session} fixtures with ones built on the new engine.
 */
@Test
public void testUserPolicy() throws Exception {
    // Point the engine at the per-user test policy (not the default jspwiki.policy).
    final Properties props = TestEngine.getTestProperties();
    props.put(AuthorizationManager.POLICY, "jspwiki-testUserPolicy.policy");

    // Rebuild the fixtures on top of the re-configured engine.
    m_engine = new TestEngine(props);
    m_auth = m_engine.getAuthorizationManager();
    m_groupMgr = m_engine.getGroupManager();
    m_session = WikiSessionTest.adminSession(m_engine);

    // Anonymous: everything denied, including read access.
    final WikiSession anonymous = WikiSessionTest.anonymousSession(m_engine);
    Assert.assertFalse("Anonymous view", m_auth.checkStaticPermission(anonymous, PagePermission.VIEW));
    Assert.assertFalse("Anonymous edit", m_auth.checkStaticPermission(anonymous, PagePermission.EDIT));
    Assert.assertFalse("Anonymous comment", m_auth.checkStaticPermission(anonymous, PagePermission.COMMENT));
    Assert.assertFalse("Anonymous modify", m_auth.checkStaticPermission(anonymous, PagePermission.MODIFY));
    Assert.assertFalse("Anonymous upload", m_auth.checkStaticPermission(anonymous, PagePermission.UPLOAD));
    Assert.assertFalse("Anonymous rename", m_auth.checkStaticPermission(anonymous, PagePermission.RENAME));
    Assert.assertFalse("Anonymous delete", m_auth.checkStaticPermission(anonymous, PagePermission.DELETE));
    Assert.assertFalse("Anonymous prefs", m_auth.checkStaticPermission(anonymous, WikiPermission.EDIT_PREFERENCES));
    Assert.assertFalse("Anonymous profile", m_auth.checkStaticPermission(anonymous, WikiPermission.EDIT_PROFILE));
    Assert.assertFalse("Anonymous pages", m_auth.checkStaticPermission(anonymous, WikiPermission.CREATE_PAGES));
    Assert.assertFalse("Anonymous groups", m_auth.checkStaticPermission(anonymous, WikiPermission.CREATE_GROUPS));

    // Asserted (name claimed, not authenticated): treated exactly like anonymous here.
    final WikiSession asserted = WikiSessionTest.assertedSession(m_engine, "Jack Sparrow");
    Assert.assertFalse("Asserted view", m_auth.checkStaticPermission(asserted, PagePermission.VIEW));
    Assert.assertFalse("Asserted edit", m_auth.checkStaticPermission(asserted, PagePermission.EDIT));
    Assert.assertFalse("Asserted comment", m_auth.checkStaticPermission(asserted, PagePermission.COMMENT));
    Assert.assertFalse("Asserted modify", m_auth.checkStaticPermission(asserted, PagePermission.MODIFY));
    Assert.assertFalse("Asserted upload", m_auth.checkStaticPermission(asserted, PagePermission.UPLOAD));
    Assert.assertFalse("Asserted rename", m_auth.checkStaticPermission(asserted, PagePermission.RENAME));
    Assert.assertFalse("Asserted delete", m_auth.checkStaticPermission(asserted, PagePermission.DELETE));
    Assert.assertFalse("Asserted prefs", m_auth.checkStaticPermission(asserted, WikiPermission.EDIT_PREFERENCES));
    Assert.assertFalse("Asserted profile", m_auth.checkStaticPermission(asserted, WikiPermission.EDIT_PROFILE));
    Assert.assertFalse("Asserted pages", m_auth.checkStaticPermission(asserted, WikiPermission.CREATE_PAGES));
    Assert.assertFalse("Asserted groups", m_auth.checkStaticPermission(asserted, WikiPermission.CREATE_GROUPS));

    // Bob (authenticated): page permissions except rename; no wiki-level permissions.
    final WikiSession bob = WikiSessionTest.authenticatedSession(m_engine, Users.BOB, Users.BOB_PASS);
    Assert.assertTrue("Bob  view", m_auth.checkStaticPermission(bob, PagePermission.VIEW));
    Assert.assertTrue("Bob edit", m_auth.checkStaticPermission(bob, PagePermission.EDIT));
    Assert.assertTrue("Bob comment", m_auth.checkStaticPermission(bob, PagePermission.COMMENT));
    Assert.assertTrue("Bob modify", m_auth.checkStaticPermission(bob, PagePermission.MODIFY));
    Assert.assertTrue("Bob upload", m_auth.checkStaticPermission(bob, PagePermission.UPLOAD));
    Assert.assertFalse("Bob rename", m_auth.checkStaticPermission(bob, PagePermission.RENAME));
    Assert.assertTrue("Bob delete", m_auth.checkStaticPermission(bob, PagePermission.DELETE));
    Assert.assertFalse("Bob prefs", m_auth.checkStaticPermission(bob, WikiPermission.EDIT_PREFERENCES));
    Assert.assertFalse("Bob profile", m_auth.checkStaticPermission(bob, WikiPermission.EDIT_PROFILE));
    Assert.assertFalse("Bob pages", m_auth.checkStaticPermission(bob, WikiPermission.CREATE_PAGES));
    Assert.assertFalse("Bob groups", m_auth.checkStaticPermission(bob, WikiPermission.CREATE_GROUPS));

    // Janne (authenticated): same expectations as Bob.
    final WikiSession janne = WikiSessionTest.authenticatedSession(m_engine, Users.JANNE, Users.JANNE_PASS);
    Assert.assertTrue("Janne  view", m_auth.checkStaticPermission(janne, PagePermission.VIEW));
    Assert.assertTrue("Janne edit", m_auth.checkStaticPermission(janne, PagePermission.EDIT));
    Assert.assertTrue("Janne comment", m_auth.checkStaticPermission(janne, PagePermission.COMMENT));
    Assert.assertTrue("Janne modify", m_auth.checkStaticPermission(janne, PagePermission.MODIFY));
    Assert.assertTrue("Janne upload", m_auth.checkStaticPermission(janne, PagePermission.UPLOAD));
    Assert.assertFalse("Janne rename", m_auth.checkStaticPermission(janne, PagePermission.RENAME));
    Assert.assertTrue("Janne delete", m_auth.checkStaticPermission(janne, PagePermission.DELETE));
    Assert.assertFalse("Janne prefs", m_auth.checkStaticPermission(janne, WikiPermission.EDIT_PREFERENCES));
    Assert.assertFalse("Janne profile", m_auth.checkStaticPermission(janne, WikiPermission.EDIT_PROFILE));
    Assert.assertFalse("Janne pages", m_auth.checkStaticPermission(janne, WikiPermission.CREATE_PAGES));
    Assert.assertFalse("Janne groups", m_auth.checkStaticPermission(janne, WikiPermission.CREATE_GROUPS));

    // Admin: under this policy the admin session is limited to view.
    final WikiSession administrator = WikiSessionTest.adminSession(m_engine);
    Assert.assertTrue("Admin view", m_auth.checkStaticPermission(administrator, PagePermission.VIEW));
    Assert.assertFalse("Admin edit", m_auth.checkStaticPermission(administrator, PagePermission.EDIT));
    Assert.assertFalse("Admin comment", m_auth.checkStaticPermission(administrator, PagePermission.COMMENT));
    Assert.assertFalse("Admin modify", m_auth.checkStaticPermission(administrator, PagePermission.MODIFY));
    Assert.assertFalse("Admin upload", m_auth.checkStaticPermission(administrator, PagePermission.UPLOAD));
    Assert.assertFalse("Admin rename", m_auth.checkStaticPermission(administrator, PagePermission.RENAME));
    Assert.assertFalse("Admin delete", m_auth.checkStaticPermission(administrator, PagePermission.DELETE));
    Assert.assertFalse("Admin prefs", m_auth.checkStaticPermission(administrator, WikiPermission.EDIT_PREFERENCES));
    Assert.assertFalse("Admin profile", m_auth.checkStaticPermission(administrator, WikiPermission.EDIT_PROFILE));
    Assert.assertFalse("Admin pages", m_auth.checkStaticPermission(administrator, WikiPermission.CREATE_PAGES));
    Assert.assertFalse("Admin groups", m_auth.checkStaticPermission(administrator, WikiPermission.CREATE_GROUPS));
}
Also used : WikiSession(org.apache.wiki.WikiSession) TestEngine(org.apache.wiki.TestEngine) Properties(java.util.Properties) WikiSessionTest(org.apache.wiki.WikiSessionTest) Test(org.junit.Test)

Example 12 with WikiSession

use of org.apache.wiki.WikiSession in project jspwiki by apache.

the class AuthorizationManagerTest method testAssertedSession.

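/**
 * Verifies that an asserted (claimed but not authenticated) session gains nothing from
 * the principals it carries: only the built-in ALL and ASSERTED roles match, while the
 * user principal, custom roles and group memberships are all rejected.
 *
 * <p>The groups created for the test are removed in a {@code finally} block so that a
 * failing assertion does not leave "Foo" and "Bar" behind for later tests.
 *
 * @throws Exception if session or group setup fails
 */
@Test
public void testAssertedSession() throws Exception {
    // Create Alice and her roles
    Principal alice = new WikiPrincipal(Users.ALICE);
    Role it = new Role("IT");
    Role engineering = new Role("Engineering");
    Role finance = new Role("Finance");
    Principal admin = new GroupPrincipal("Admin");
    WikiSession session = WikiSessionTest.assertedSession(m_engine, Users.ALICE, new Principal[] { it, engineering, admin });
    // Create two groups: Alice is a member of group Bar, but not of Foo
    Group fooGroup = m_groupMgr.parseGroup("Foo", "", true);
    Group barGroup = m_groupMgr.parseGroup("Bar", "", true);
    barGroup.add(alice);
    m_groupMgr.setGroup(m_session, fooGroup);
    m_groupMgr.setGroup(m_session, barGroup);
    // The try starts only after both groups are stored, so the cleanup below
    // never targets a group that was not created.
    try {
        // Test user principal possession: Alice isn't considered to
        // have the "Alice" principal because she's not authenticated
        Assert.assertFalse("Alice has Alice", m_auth.hasRoleOrPrincipal(session, new WikiPrincipal(Users.ALICE)));
        Assert.assertFalse("Alice has Alice", m_auth.hasRoleOrPrincipal(session, new TestPrincipal(Users.ALICE)));
        Assert.assertFalse("Alice not has Bob", m_auth.hasRoleOrPrincipal(session, new WikiPrincipal(Users.BOB)));
        Assert.assertFalse("Alice not has Bob", m_auth.hasRoleOrPrincipal(session, new TestPrincipal(Users.BOB)));
        // Built-in role memberships
        Assert.assertTrue("Alice in ALL", m_auth.hasRoleOrPrincipal(session, Role.ALL));
        Assert.assertFalse("Alice not in ANONYMOUS", m_auth.hasRoleOrPrincipal(session, Role.ANONYMOUS));
        Assert.assertTrue("Alice in ASSERTED", m_auth.hasRoleOrPrincipal(session, Role.ASSERTED));
        Assert.assertFalse("Alice not in AUTHENTICATED", m_auth.hasRoleOrPrincipal(session, Role.AUTHENTICATED));
        // Custom roles should be FALSE because Alice is asserted, even though
        // IT and Engineering were supplied with the session
        Assert.assertFalse("Alice not in IT", m_auth.hasRoleOrPrincipal(session, it));
        Assert.assertFalse("Alice not in Engineering", m_auth.hasRoleOrPrincipal(session, engineering));
        Assert.assertFalse("Alice not in Finance", m_auth.hasRoleOrPrincipal(session, finance));
        // Group memberships should be FALSE because Alice is asserted, even
        // though she was added to Bar
        Assert.assertFalse("Alice not in Foo", m_auth.hasRoleOrPrincipal(session, fooGroup.getPrincipal()));
        Assert.assertFalse("Alice not in Bar", m_auth.hasRoleOrPrincipal(session, barGroup.getPrincipal()));
    } finally {
        // Clean up, whether or not the assertions passed
        m_groupMgr.removeGroup("Foo");
        m_groupMgr.removeGroup("Bar");
    }
}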
Also used : Role(org.apache.wiki.auth.authorize.Role) WikiSession(org.apache.wiki.WikiSession) Group(org.apache.wiki.auth.authorize.Group) Principal(java.security.Principal) UnresolvedPrincipal(org.apache.wiki.auth.acl.UnresolvedPrincipal) WikiSessionTest(org.apache.wiki.WikiSessionTest) Test(org.junit.Test)

Example 13 with WikiSession

use of org.apache.wiki.WikiSession in project jspwiki by apache.

the class AuthorizationManagerTest method testHasRoleOrPrincipal.

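/**
 * Exercises {@code hasRoleOrPrincipal} for the three session states in turn:
 * anonymous, asserted and container-authenticated.
 *
 * <p>Only the authenticated session is expected to match its user principal, the custom
 * role it was created with (IT) and the group that lists it (Group1); the anonymous and
 * asserted sessions must match nothing beyond their own built-in role.
 *
 * <p>The two groups are removed in a {@code finally} block so a failing assertion does
 * not leak "Group1" and "Group2" into later tests.
 *
 * @throws Exception if session or group setup fails
 */
@Test
public void testHasRoleOrPrincipal() throws Exception {
    // Create new user Alice and 2 sample roles
    Principal alice = new WikiPrincipal(Users.ALICE);
    Role it = new Role("IT");
    Role finance = new Role("Finance");
    // Create Group1 with Alice in it, Group2 without
    WikiSession session = WikiSessionTest.adminSession(m_engine);
    Group g1 = m_groupMgr.parseGroup("Group1", "Alice", true);
    m_groupMgr.setGroup(session, g1);
    Principal group1 = g1.getPrincipal();
    Group g2 = m_groupMgr.parseGroup("Group2", "Bob", true);
    m_groupMgr.setGroup(session, g2);
    Principal group2 = g2.getPrincipal();
    // The try starts only after both groups are stored, so the cleanup below
    // never targets a group that was not created.
    try {
        // Create anonymous session; not in ANY custom roles or groups
        session = WikiSessionTest.anonymousSession(m_engine);
        Assert.assertTrue("Anon anonymous", m_auth.hasRoleOrPrincipal(session, Role.ANONYMOUS));
        Assert.assertFalse("Anon not asserted", m_auth.hasRoleOrPrincipal(session, Role.ASSERTED));
        Assert.assertFalse("Anon not authenticated", m_auth.hasRoleOrPrincipal(session, Role.AUTHENTICATED));
        Assert.assertFalse("Alice not in Anon", m_auth.hasRoleOrPrincipal(session, alice));
        Assert.assertFalse("Anon not in IT", m_auth.hasRoleOrPrincipal(session, it));
        Assert.assertFalse("Anon not in Finance", m_auth.hasRoleOrPrincipal(session, finance));
        Assert.assertFalse("Anon not in Group1", m_auth.hasRoleOrPrincipal(session, group1));
        Assert.assertFalse("Anon not in Group2", m_auth.hasRoleOrPrincipal(session, group2));
        // Create asserted session carrying 1 custom Role (IT)
        // Alice is asserted, and thus not in ANY custom roles or groups
        session = WikiSessionTest.assertedSession(m_engine, Users.ALICE, new Principal[] { it });
        Assert.assertFalse("Alice not anonymous", m_auth.hasRoleOrPrincipal(session, Role.ANONYMOUS));
        Assert.assertTrue("Alice asserted", m_auth.hasRoleOrPrincipal(session, Role.ASSERTED));
        Assert.assertFalse("Alice not authenticated", m_auth.hasRoleOrPrincipal(session, Role.AUTHENTICATED));
        Assert.assertFalse("Alice not in Alice", m_auth.hasRoleOrPrincipal(session, alice));
        Assert.assertFalse("Alice not in IT", m_auth.hasRoleOrPrincipal(session, it));
        Assert.assertFalse("Alice not in Finance", m_auth.hasRoleOrPrincipal(session, finance));
        Assert.assertFalse("Alice not in Group1", m_auth.hasRoleOrPrincipal(session, group1));
        Assert.assertFalse("Alice not in Group2", m_auth.hasRoleOrPrincipal(session, group2));
        // Create container-authenticated session carrying 1 custom Role (IT)
        // Alice is authenticated, and thus part of custom roles and groups
        session = WikiSessionTest.containerAuthenticatedSession(m_engine, Users.ALICE, new Principal[] { it });
        Assert.assertFalse("Alice not anonymous", m_auth.hasRoleOrPrincipal(session, Role.ANONYMOUS));
        Assert.assertFalse("Alice not asserted", m_auth.hasRoleOrPrincipal(session, Role.ASSERTED));
        Assert.assertTrue("Alice authenticated", m_auth.hasRoleOrPrincipal(session, Role.AUTHENTICATED));
        // Failure message previously read "Alice in Ernie"; the principal checked is Alice's own
        Assert.assertTrue("Alice in Alice", m_auth.hasRoleOrPrincipal(session, alice));
        Assert.assertTrue("Alice in IT", m_auth.hasRoleOrPrincipal(session, it));
        Assert.assertFalse("Alice not in Finance", m_auth.hasRoleOrPrincipal(session, finance));
        Assert.assertTrue("Alice in Group1", m_auth.hasRoleOrPrincipal(session, group1));
        Assert.assertFalse("Alice not in Group2", m_auth.hasRoleOrPrincipal(session, group2));
    } finally {
        // Clean up, whether or not the assertions passed
        m_groupMgr.removeGroup("Group1");
        m_groupMgr.removeGroup("Group2");
    }
}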
Also used : Role(org.apache.wiki.auth.authorize.Role) WikiSession(org.apache.wiki.WikiSession) Group(org.apache.wiki.auth.authorize.Group) Principal(java.security.Principal) UnresolvedPrincipal(org.apache.wiki.auth.acl.UnresolvedPrincipal) WikiSessionTest(org.apache.wiki.WikiSessionTest) Test(org.junit.Test)

Example 14 with WikiSession

use of org.apache.wiki.WikiSession in project jspwiki by apache.

the class AuthorizationManagerTest method testStaticPermission.

/**
 * Checks the static permission matrix for the four session kinds (anonymous, asserted,
 * authenticated, admin) against the engine already held in {@code m_engine}.
 *
 * <p>Asserted outcome: anonymous and asserted sessions may view, edit, comment, edit
 * preferences/profile and create pages, but not modify, upload, rename, delete or create
 * groups; the authenticated session gets everything except delete; the admin session
 * gets everything except a static delete grant (see the note at that assertion).
 */
@Test
public void testStaticPermission() throws Exception {
    // Anonymous session
    final WikiSession anonymous = WikiSessionTest.anonymousSession(m_engine);
    Assert.assertTrue("Anonymous view", m_auth.checkStaticPermission(anonymous, PagePermission.VIEW));
    Assert.assertTrue("Anonymous edit", m_auth.checkStaticPermission(anonymous, PagePermission.EDIT));
    Assert.assertTrue("Anonymous comment", m_auth.checkStaticPermission(anonymous, PagePermission.COMMENT));
    Assert.assertFalse("Anonymous modify", m_auth.checkStaticPermission(anonymous, PagePermission.MODIFY));
    Assert.assertFalse("Anonymous upload", m_auth.checkStaticPermission(anonymous, PagePermission.UPLOAD));
    Assert.assertFalse("Anonymous rename", m_auth.checkStaticPermission(anonymous, PagePermission.RENAME));
    Assert.assertFalse("Anonymous delete", m_auth.checkStaticPermission(anonymous, PagePermission.DELETE));
    Assert.assertTrue("Anonymous prefs", m_auth.checkStaticPermission(anonymous, WikiPermission.EDIT_PREFERENCES));
    Assert.assertTrue("Anonymous profile", m_auth.checkStaticPermission(anonymous, WikiPermission.EDIT_PROFILE));
    Assert.assertTrue("Anonymous pages", m_auth.checkStaticPermission(anonymous, WikiPermission.CREATE_PAGES));
    Assert.assertFalse("Anonymous groups", m_auth.checkStaticPermission(anonymous, WikiPermission.CREATE_GROUPS));

    // Asserted session: same expectations as anonymous
    final WikiSession asserted = WikiSessionTest.assertedSession(m_engine, "Jack Sparrow");
    Assert.assertTrue("Asserted view", m_auth.checkStaticPermission(asserted, PagePermission.VIEW));
    Assert.assertTrue("Asserted edit", m_auth.checkStaticPermission(asserted, PagePermission.EDIT));
    Assert.assertTrue("Asserted comment", m_auth.checkStaticPermission(asserted, PagePermission.COMMENT));
    Assert.assertFalse("Asserted modify", m_auth.checkStaticPermission(asserted, PagePermission.MODIFY));
    Assert.assertFalse("Asserted upload", m_auth.checkStaticPermission(asserted, PagePermission.UPLOAD));
    Assert.assertFalse("Asserted rename", m_auth.checkStaticPermission(asserted, PagePermission.RENAME));
    Assert.assertFalse("Asserted delete", m_auth.checkStaticPermission(asserted, PagePermission.DELETE));
    Assert.assertTrue("Asserted prefs", m_auth.checkStaticPermission(asserted, WikiPermission.EDIT_PREFERENCES));
    Assert.assertTrue("Asserted profile", m_auth.checkStaticPermission(asserted, WikiPermission.EDIT_PROFILE));
    Assert.assertTrue("Asserted pages", m_auth.checkStaticPermission(asserted, WikiPermission.CREATE_PAGES));
    Assert.assertFalse("Asserted groups", m_auth.checkStaticPermission(asserted, WikiPermission.CREATE_GROUPS));

    // Authenticated session (Janne): everything except delete
    final WikiSession authenticated = WikiSessionTest.authenticatedSession(m_engine, Users.JANNE, Users.JANNE_PASS);
    Assert.assertTrue("Authenticated view", m_auth.checkStaticPermission(authenticated, PagePermission.VIEW));
    Assert.assertTrue("Authenticated edit", m_auth.checkStaticPermission(authenticated, PagePermission.EDIT));
    Assert.assertTrue("Authenticated comment", m_auth.checkStaticPermission(authenticated, PagePermission.COMMENT));
    Assert.assertTrue("Authenticated modify", m_auth.checkStaticPermission(authenticated, PagePermission.MODIFY));
    Assert.assertTrue("Authenticated upload", m_auth.checkStaticPermission(authenticated, PagePermission.UPLOAD));
    Assert.assertTrue("Authenticated rename", m_auth.checkStaticPermission(authenticated, PagePermission.RENAME));
    Assert.assertFalse("Authenticated delete", m_auth.checkStaticPermission(authenticated, PagePermission.DELETE));
    Assert.assertTrue("Authenticated prefs", m_auth.checkStaticPermission(authenticated, WikiPermission.EDIT_PREFERENCES));
    Assert.assertTrue("Authenticated profile", m_auth.checkStaticPermission(authenticated, WikiPermission.EDIT_PROFILE));
    Assert.assertTrue("Authenticated pages", m_auth.checkStaticPermission(authenticated, WikiPermission.CREATE_PAGES));
    Assert.assertTrue("Authenticated groups", m_auth.checkStaticPermission(authenticated, WikiPermission.CREATE_GROUPS));

    // Admin session
    final WikiSession administrator = WikiSessionTest.adminSession(m_engine);
    Assert.assertTrue("Admin view", m_auth.checkStaticPermission(administrator, PagePermission.VIEW));
    Assert.assertTrue("Admin edit", m_auth.checkStaticPermission(administrator, PagePermission.EDIT));
    Assert.assertTrue("Admin comment", m_auth.checkStaticPermission(administrator, PagePermission.COMMENT));
    Assert.assertTrue("Admin modify", m_auth.checkStaticPermission(administrator, PagePermission.MODIFY));
    Assert.assertTrue("Admin upload", m_auth.checkStaticPermission(administrator, PagePermission.UPLOAD));
    Assert.assertTrue("Admin rename", m_auth.checkStaticPermission(administrator, PagePermission.RENAME));
    // The policy grants AllPermission, but 'delete' is not listed explicitly, so the
    // static check for delete fails here (it would succeed if requested via checkPermission()).
    Assert.assertFalse("Admin delete", m_auth.checkStaticPermission(administrator, PagePermission.DELETE));
    Assert.assertTrue("Admin prefs", m_auth.checkStaticPermission(administrator, WikiPermission.EDIT_PREFERENCES));
    Assert.assertTrue("Admin profile", m_auth.checkStaticPermission(administrator, WikiPermission.EDIT_PROFILE));
    Assert.assertTrue("Admin pages", m_auth.checkStaticPermission(administrator, WikiPermission.CREATE_PAGES));
    Assert.assertTrue("Admin groups", m_auth.checkStaticPermission(administrator, WikiPermission.CREATE_GROUPS));
}
Also used : WikiSession(org.apache.wiki.WikiSession) WikiSessionTest(org.apache.wiki.WikiSessionTest) Test(org.junit.Test)

Example 15 with WikiSession

use of org.apache.wiki.WikiSession in project jspwiki by apache.

the class UserManagerTest method testSetRenamedUserProfile.

/**
 * Verifies that renaming a user (first the full name, then the login name) is propagated
 * to the three places that reference the user by name: the session's principals, group
 * membership, and page ACLs including the rewritten page text.
 *
 * <p>The steps are order-dependent: each one builds on the profile, group and page state
 * left by the previous one. Throughout, Bob's session is used as the negative control and
 * must never gain view access to the ACL-protected page.
 *
 * <p>NOTE(review): the cleanup at the end is not in a {@code finally} block, so a failing
 * assertion leaves the test user, group and page behind. The e-mail address and the
 * literal "password" are test-only fixture values.
 */
@Test
public void testSetRenamedUserProfile() throws Exception {
    // First, count the number of users, groups, and pages
    int oldUserCount = m_db.getWikiNames().length;
    GroupManager groupManager = m_engine.getGroupManager();
    PageManager pageManager = m_engine.getPageManager();
    AuthorizationManager authManager = m_engine.getAuthorizationManager();
    int oldGroupCount = groupManager.getRoles().length;
    int oldPageCount = pageManager.getTotalPageCount();
    // Setup Step 1: create a new user with a timestamp-based (unique per run) name
    WikiSession session = m_engine.guestSession();
    long now = System.currentTimeMillis();
    String oldLogin = "TestLogin" + now;
    String oldName = "Test User " + now;
    String newLogin = "RenamedLogin" + now;
    String newName = "Renamed User " + now;
    UserProfile profile = m_db.newProfile();
    profile.setEmail("jspwiki.tests@mailinator.com");
    profile.setLoginName(oldLogin);
    profile.setFullname(oldName);
    profile.setPassword("password");
    m_mgr.setUserProfile(session, profile);
    // 1a. Make sure the profile saved successfully and that the guest session
    // is now authenticated
    profile = m_mgr.getUserProfile(session);
    Assert.assertEquals(oldLogin, profile.getLoginName());
    Assert.assertEquals(oldName, profile.getFullname());
    Assert.assertEquals(oldUserCount + 1, m_db.getWikiNames().length);
    Assert.assertTrue(session.isAuthenticated());
    // Setup Step 2: create a new group with our test user in it
    // (listed under both the login name and the full name)
    Group group = groupManager.parseGroup(m_groupName, "Alice \n Bob \n Charlie \n " + oldLogin + "\n" + oldName, true);
    groupManager.setGroup(session, group);
    // 2a. Make sure the group is created with the user in it, and the role is added to the Subject
    Assert.assertEquals(oldGroupCount + 1, groupManager.getRoles().length);
    Assert.assertTrue(group.isMember(new WikiPrincipal(oldLogin)));
    Assert.assertTrue(group.isMember(new WikiPrincipal(oldName)));
    Assert.assertFalse(group.isMember(new WikiPrincipal(newLogin)));
    Assert.assertFalse(group.isMember(new WikiPrincipal(newName)));
    Assert.assertTrue(groupManager.isUserInRole(session, group.getPrincipal()));
    // Setup Step 3: create a new page with our test user in the ACL
    // (the ACL also names Alice)
    String pageName = "TestPage" + now;
    m_engine.saveText(pageName, "Test text. [{ALLOW view " + oldName + ", " + oldLogin + ", Alice}] More text.");
    // 3a. Make sure the page got saved, that the ACL has entries for the old login and
    // full name but none for the new ones, and that the test user can view it while Bob cannot.
    WikiPage p = m_engine.getPage(pageName);
    Assert.assertEquals(oldPageCount + 1, pageManager.getTotalPageCount());
    Assert.assertNotNull(p.getAcl().getEntry(new WikiPrincipal(oldLogin)));
    Assert.assertNotNull(p.getAcl().getEntry(new WikiPrincipal(oldName)));
    Assert.assertNull(p.getAcl().getEntry(new WikiPrincipal(newLogin)));
    Assert.assertNull(p.getAcl().getEntry(new WikiPrincipal(newName)));
    Assert.assertTrue("Test User view page", authManager.checkPermission(session, PermissionFactory.getPagePermission(p, "view")));
    WikiSession bobSession = WikiSessionTest.authenticatedSession(m_engine, Users.BOB, Users.BOB_PASS);
    Assert.assertFalse("Bob !view page", authManager.checkPermission(bobSession, PermissionFactory.getPagePermission(p, "view")));
    // Setup Step 4: change the full name in the profile (login name unchanged) and see what happens
    profile = m_db.newProfile();
    profile.setEmail("jspwiki.tests@mailinator.com");
    profile.setLoginName(oldLogin);
    profile.setFullname(newName);
    profile.setPassword("password");
    m_mgr.setUserProfile(session, profile);
    // Test 1: the wiki session should keep the old login name and carry the new
    // full name in its principals; the old full name must be gone
    Principal[] principals = session.getPrincipals();
    Assert.assertTrue(ArrayUtils.contains(principals, new WikiPrincipal(oldLogin)));
    Assert.assertFalse(ArrayUtils.contains(principals, new WikiPrincipal(oldName)));
    Assert.assertFalse(ArrayUtils.contains(principals, new WikiPrincipal(newLogin)));
    Assert.assertTrue(ArrayUtils.contains(principals, new WikiPrincipal(newName)));
    // Test 2: our group should not contain the old name OR login name any more
    // (the full name is always used)
    group = groupManager.getGroup(m_groupName);
    Assert.assertFalse(group.isMember(new WikiPrincipal(oldLogin)));
    Assert.assertFalse(group.isMember(new WikiPrincipal(oldName)));
    Assert.assertFalse(group.isMember(new WikiPrincipal(newLogin)));
    Assert.assertTrue(group.isMember(new WikiPrincipal(newName)));
    // Test 3: our page should not contain the old wiki name OR login name
    // in the ACL any more (the full name is always used)
    p = m_engine.getPage(pageName);
    Assert.assertNull(p.getAcl().getEntry(new WikiPrincipal(oldLogin)));
    Assert.assertNull(p.getAcl().getEntry(new WikiPrincipal(oldName)));
    Assert.assertNull(p.getAcl().getEntry(new WikiPrincipal(newLogin)));
    Assert.assertNotNull(p.getAcl().getEntry(new WikiPrincipal(newName)));
    // Access must be unchanged by the rename: the test user still can view, Bob still cannot
    Assert.assertTrue("Test User view page", authManager.checkPermission(session, PermissionFactory.getPagePermission(p, "view")));
    Assert.assertFalse("Bob !view page", authManager.checkPermission(bobSession, PermissionFactory.getPagePermission(p, "view")));
    // Test 4: our page text should have been re-written
    // (The new full name should be in the ACL, but the login name should have been removed)
    String expectedText = "[{ALLOW view Alice," + newName + "}]\nTest text.  More text.\r\n";
    String actualText = m_engine.getText(pageName);
    Assert.assertEquals(expectedText, actualText);
    // Remove our test page
    m_engine.deletePage(pageName);
    // Setup Step 6: re-create the group with our old test user names in it
    group = groupManager.parseGroup(m_groupName, "Alice \n Bob \n Charlie \n " + oldLogin + "\n" + oldName, true);
    groupManager.setGroup(session, group);
    // Setup Step 7: Save a new page with the old login/wiki names in the ACL again
    // The test user should still be able to see the page (because the login name matches...)
    pageName = "TestPage2" + now;
    m_engine.saveText(pageName, "More test text. [{ALLOW view " + oldName + ", " + oldLogin + ", Alice}] More text.");
    p = m_engine.getPage(pageName);
    // Still old count + 1: the first test page was deleted above
    Assert.assertEquals(oldPageCount + 1, pageManager.getTotalPageCount());
    Assert.assertNotNull(p.getAcl().getEntry(new WikiPrincipal(oldLogin)));
    Assert.assertNotNull(p.getAcl().getEntry(new WikiPrincipal(oldName)));
    Assert.assertNull(p.getAcl().getEntry(new WikiPrincipal(newLogin)));
    Assert.assertNull(p.getAcl().getEntry(new WikiPrincipal(newName)));
    Assert.assertTrue("Test User view page", authManager.checkPermission(session, PermissionFactory.getPagePermission(p, "view")));
    Assert.assertFalse("Bob !view page", authManager.checkPermission(bobSession, PermissionFactory.getPagePermission(p, "view")));
    // Setup Step 8: re-save the profile with the new login name and the old full name
    profile = m_db.newProfile();
    profile.setEmail("jspwiki.tests@mailinator.com");
    profile.setLoginName(newLogin);
    profile.setFullname(oldName);
    profile.setPassword("password");
    m_mgr.setUserProfile(session, profile);
    // Test 5: the wiki session should have the new login name and the old full
    // name in its principals; the old login and the new full name must be gone
    principals = session.getPrincipals();
    Assert.assertFalse(ArrayUtils.contains(principals, new WikiPrincipal(oldLogin)));
    Assert.assertTrue(ArrayUtils.contains(principals, new WikiPrincipal(oldName)));
    Assert.assertTrue(ArrayUtils.contains(principals, new WikiPrincipal(newLogin)));
    Assert.assertFalse(ArrayUtils.contains(principals, new WikiPrincipal(newName)));
    // Test 6: our group should contain only the current full name (oldName again);
    // neither login name nor the superseded full name is a member
    group = groupManager.getGroup(m_groupName);
    Assert.assertFalse(group.isMember(new WikiPrincipal(oldLogin)));
    Assert.assertTrue(group.isMember(new WikiPrincipal(oldName)));
    Assert.assertFalse(group.isMember(new WikiPrincipal(newLogin)));
    Assert.assertFalse(group.isMember(new WikiPrincipal(newName)));
    // Test 7: our page ACL should contain only the current full name (oldName);
    // neither login name nor the superseded full name has an entry
    p = m_engine.getPage(pageName);
    Assert.assertNull(p.getAcl().getEntry(new WikiPrincipal(oldLogin)));
    Assert.assertNotNull(p.getAcl().getEntry(new WikiPrincipal(oldName)));
    Assert.assertNull(p.getAcl().getEntry(new WikiPrincipal(newLogin)));
    Assert.assertNull(p.getAcl().getEntry(new WikiPrincipal(newName)));
    // Access must be unchanged by the login rename: the test user still can view, Bob still cannot
    Assert.assertTrue("Test User view page", authManager.checkPermission(session, PermissionFactory.getPagePermission(p, "view")));
    Assert.assertFalse("Bob !view page", authManager.checkPermission(bobSession, PermissionFactory.getPagePermission(p, "view")));
    // Test 8: our page text should have been re-written
    // (The current full name should be in the ACL, but the login name should have been removed)
    expectedText = "[{ALLOW view Alice," + oldName + "}]\nMore test text.  More text.\r\n";
    actualText = m_engine.getText(pageName);
    Assert.assertEquals(expectedText, actualText);
    // CLEANUP: delete the profile; user and page; should be back to old counts
    m_db.deleteByLoginName(newLogin);
    Assert.assertEquals(oldUserCount, m_db.getWikiNames().length);
    groupManager.removeGroup(group.getName());
    Assert.assertEquals(oldGroupCount, groupManager.getRoles().length);
    m_engine.deletePage(pageName);
    Assert.assertEquals(oldPageCount, pageManager.getTotalPageCount());
}
Also used : Group(org.apache.wiki.auth.authorize.Group) UserProfile(org.apache.wiki.auth.user.UserProfile) WikiPage(org.apache.wiki.WikiPage) GroupManager(org.apache.wiki.auth.authorize.GroupManager) WikiSession(org.apache.wiki.WikiSession) PageManager(org.apache.wiki.PageManager) Principal(java.security.Principal) WikiSessionTest(org.apache.wiki.WikiSessionTest) Test(org.junit.Test)

Aggregations

WikiSession (org.apache.wiki.WikiSession)40 WikiSessionTest (org.apache.wiki.WikiSessionTest)23 Test (org.junit.Test)23 Principal (java.security.Principal)15 UserProfile (org.apache.wiki.auth.user.UserProfile)9 AllPermission (org.apache.wiki.auth.permissions.AllPermission)8 PagePermission (org.apache.wiki.auth.permissions.PagePermission)8 Group (org.apache.wiki.auth.authorize.Group)7 Permission (java.security.Permission)6 UnresolvedPrincipal (org.apache.wiki.auth.acl.UnresolvedPrincipal)6 WikiPermission (org.apache.wiki.auth.permissions.WikiPermission)6 WikiPage (org.apache.wiki.WikiPage)5 Role (org.apache.wiki.auth.authorize.Role)5 HttpServletRequest (javax.servlet.http.HttpServletRequest)4 Collection (java.util.Collection)3 HttpSession (javax.servlet.http.HttpSession)3 ProviderException (org.apache.wiki.api.exceptions.ProviderException)3 Attachment (org.apache.wiki.attachment.Attachment)3 GroupPrincipal (org.apache.wiki.auth.GroupPrincipal)3 File (java.io.File)2