use of org.apache.wiki.WikiSession in project jspwiki by apache.
the class AuthorizationManagerTest method testInheritedAclPermissions.
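/**
 * Verifies that an attachment is governed by the ACL of its parent page.
 *
 * <p>The page "Test" is saved with {@code [{ALLOW view Alice}]}. Both permissions under test
 * are built for the attachment "Test/test1.txt", not for the page itself. Alice must be
 * granted view and denied edit; Bob, who is not named in the ACL, must be denied both.
 *
 * @throws Exception if the page or attachment cannot be created, looked up or removed
 */
@Test
public void testInheritedAclPermissions() throws Exception {
    // Create test page & attachment
    String src = "[{ALLOW view Alice}] ";
    m_engine.saveText("Test", src);
    File f = m_engine.makeAttachmentFile();
    Attachment att = new Attachment(m_engine, "Test", "test1.txt");
    att.setAuthor("FirstPost");
    m_engine.getAttachmentManager().storeAttachment(att, f);

    // The permissions target the attachment, so every check below goes through
    // whatever ACL the authorization manager resolves for "Test/test1.txt".
    Attachment p = (Attachment) m_engine.getPage("Test/test1.txt");
    Permission view = PermissionFactory.getPagePermission(p, "view");
    Permission edit = PermissionFactory.getPagePermission(p, "edit");

    // Create session with user 'Alice', who can read (in ACL) but was not granted edit
    WikiSession session;
    session = WikiSessionTest.authenticatedSession(m_engine, Users.ALICE, Users.ALICE_PASS);
    Assert.assertTrue("Alice view Test", m_auth.checkPermission(session, view));
    Assert.assertFalse("Alice !edit Test", m_auth.checkPermission(session, edit));

    // Create session with user 'Bob', who can't read or edit (not in ACL)
    session = WikiSessionTest.authenticatedSession(m_engine, Users.BOB, Users.BOB_PASS);
    Assert.assertFalse("Bob !view Test", m_auth.checkPermission(session, view));
    // Check the edit permission itself: asserting "view" twice would leave Bob's
    // edit denial on the attachment untested.
    Assert.assertFalse("Bob !edit Test", m_auth.checkPermission(session, edit));

    // Delete test page & attachment
    m_engine.getAttachmentManager().deleteAttachment(att);
    m_engine.deletePage("Test");
}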
use of org.apache.wiki.WikiSession in project jspwiki by apache.
the class AuthorizationManagerTest method testGetRoles.
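/**
 * Verifies which role and group principals a session reports as Bob moves from
 * asserted to authenticated status.
 *
 * <p>The security-relevant expectation: while Bob is merely asserted, listing his name in the
 * group "Test" must not add the group principal to his session. Only the authenticated
 * session is expected to carry it.
 *
 * @throws Exception if a group cannot be parsed, saved or removed, or a session cannot be created
 */
@Test
public void testGetRoles() throws Exception {
    WikiSession session;
    Principal[] principals;

    // Create a new "asserted" session for Bob
    session = WikiSessionTest.assertedSession(m_engine, Users.BOB);

    // Set up a group without Bob in it
    Group test = m_groupMgr.parseGroup("Test", "Alice \n Charlie", true);
    m_groupMgr.setGroup(m_session, test);

    // Bob should have two roles: ASSERTED and ALL
    principals = session.getRoles();
    Assert.assertTrue("Bob in ALL", ArrayUtils.contains(principals, Role.ALL));
    Assert.assertTrue("Bob in ASSERTED", ArrayUtils.contains(principals, Role.ASSERTED));
    Assert.assertFalse("Bob not in ANONYMOUS", ArrayUtils.contains(principals, Role.ANONYMOUS));
    Assert.assertFalse("Bob not in Test", ArrayUtils.contains(principals, test.getPrincipal()));

    // Re-save group "Test" with Bob as a member
    test = m_groupMgr.parseGroup("Test", "Alice \n Bob \nCharlie", true);
    m_groupMgr.setGroup(m_session, test);

    // Bob not authenticated: should still have only two roles, because an asserted
    // name is not proof of identity and must not confer group membership.
    principals = session.getRoles();
    Assert.assertTrue("Bob in ALL", ArrayUtils.contains(principals, Role.ALL));
    Assert.assertTrue("Bob in ASSERTED", ArrayUtils.contains(principals, Role.ASSERTED));
    Assert.assertFalse("Bob not in ANONYMOUS", ArrayUtils.contains(principals, Role.ANONYMOUS));
    // Message now states the expected condition, matching the other assertFalse calls.
    Assert.assertFalse("Bob not in Test", ArrayUtils.contains(principals, test.getPrincipal()));

    // Elevate Bob to "authenticated" status
    session = WikiSessionTest.authenticatedSession(m_engine, Users.BOB, Users.BOB_PASS);

    // Re-save the group; Bob should possess the role now
    test = m_groupMgr.parseGroup("Test", "Alice \n Bob \n Charlie", true);
    m_groupMgr.setGroup(m_session, test);
    principals = session.getRoles();
    Assert.assertTrue("Bob in ALL", ArrayUtils.contains(principals, Role.ALL));
    // Once authenticated, the session is expected to have dropped the ASSERTED role.
    Assert.assertFalse("Bob not in ASSERTED", ArrayUtils.contains(principals, Role.ASSERTED));
    Assert.assertFalse("Bob not in ANONYMOUS", ArrayUtils.contains(principals, Role.ANONYMOUS));
    Assert.assertTrue("Bob in Test", ArrayUtils.contains(principals, test.getPrincipal()));

    // Cleanup
    m_groupMgr.removeGroup("Test");
}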
use of org.apache.wiki.WikiSession in project jspwiki by apache.
the class AuthorizationManagerTest method testPrincipalAcl.
/**
 * Checks page ACL enforcement for two authenticated users.
 *
 * <p>The page "Test" is saved with {@code [{ALLOW edit Alice}]}. Alice is expected to pass
 * both the view and the edit check (presumably because an edit grant implies view; confirm
 * against the permission classes). Bob is not named in the ACL and must fail both checks.
 *
 * @throws Exception if the page cannot be saved or a session cannot be created
 */
@Test
public void testPrincipalAcl() throws Exception {
    // Fixture: a page whose ACL names Alice as the only principal
    m_engine.saveText("Test", "[{ALLOW edit Alice}] ");
    final WikiPage page = m_engine.getPage("Test");
    final Permission viewPerm = PermissionFactory.getPagePermission(page, "view");
    final Permission editPerm = PermissionFactory.getPagePermission(page, "edit");

    // Authenticated Alice is in the ACL: both checks must succeed
    final WikiSession aliceSession =
            WikiSessionTest.authenticatedSession(m_engine, Users.ALICE, Users.ALICE_PASS);
    Assert.assertTrue("Alice view Test", m_auth.checkPermission(aliceSession, viewPerm));
    Assert.assertTrue("Alice edit Test", m_auth.checkPermission(aliceSession, editPerm));

    // Authenticated Bob is absent from the ACL: both checks must be refused
    final WikiSession bobSession =
            WikiSessionTest.authenticatedSession(m_engine, Users.BOB, Users.BOB_PASS);
    Assert.assertFalse("Bob !view Test", m_auth.checkPermission(bobSession, viewPerm));
    Assert.assertFalse("Bob !edit Test", m_auth.checkPermission(bobSession, editPerm));

    // Remove the fixture page; a provider failure here is reported as a test failure
    try {
        m_engine.deletePage("Test");
    } catch (ProviderException e) {
        Assert.fail("Could not delete page");
    }
}
use of org.apache.wiki.WikiSession in project jspwiki by apache.
the class AuthorizationManagerTest method testIsUserInRole.
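/**
 * Verifies {@code isUserInRole} for anonymous, asserted and container-authenticated sessions.
 *
 * <p>The security-relevant expectation is that an asserted session, even when created with the
 * custom role IT and with Alice listed in Group1, is in neither that role nor that group. Only
 * the container-authenticated session is expected to be in IT and Group1.
 *
 * @throws Exception if a group cannot be parsed, saved or removed, or a session cannot be created
 */
@Test
public void testIsUserInRole() throws Exception {
    // Create new user Alice and 2 sample roles
    Principal alice = new WikiPrincipal(Users.ALICE);
    Role it = new Role("IT");
    Role finance = new Role("Finance");

    // Create Group1 with Alice in it, Group2 without
    WikiSession session = WikiSessionTest.adminSession(m_engine);
    Group g1 = m_groupMgr.parseGroup("Group1", "Alice", true);
    m_groupMgr.setGroup(session, g1);
    Principal group1 = g1.getPrincipal();
    Group g2 = m_groupMgr.parseGroup("Group2", "Bob", true);
    m_groupMgr.setGroup(session, g2);
    Principal group2 = g2.getPrincipal();

    // Create anonymous session; not in ANY custom roles or groups
    session = WikiSessionTest.anonymousSession(m_engine);
    Assert.assertTrue("Anon anonymous", m_auth.isUserInRole(session, Role.ANONYMOUS));
    Assert.assertFalse("Anon not asserted", m_auth.isUserInRole(session, Role.ASSERTED));
    Assert.assertFalse("Anon not authenticated", m_auth.isUserInRole(session, Role.AUTHENTICATED));
    // The principal checked here is Alice's user principal, so the message names Alice.
    Assert.assertFalse("Anon not in Alice", m_auth.isUserInRole(session, alice));
    Assert.assertFalse("Anon not in IT", m_auth.isUserInRole(session, it));
    Assert.assertFalse("Anon not in Finance", m_auth.isUserInRole(session, finance));
    Assert.assertFalse("Anon not in Group1", m_auth.isUserInRole(session, group1));
    Assert.assertFalse("Anon not in Group2", m_auth.isUserInRole(session, group2));

    // Create asserted session for Alice, passing the custom role IT.
    // Alice is asserted, and thus not in ANY custom roles or groups
    session = WikiSessionTest.assertedSession(m_engine, Users.ALICE, new Principal[] { it });
    Assert.assertFalse("Alice not anonymous", m_auth.isUserInRole(session, Role.ANONYMOUS));
    Assert.assertTrue("Alice asserted", m_auth.isUserInRole(session, Role.ASSERTED));
    Assert.assertFalse("Alice not authenticated", m_auth.isUserInRole(session, Role.AUTHENTICATED));
    // A user principal passed as the "role" is expected to yield false.
    // NOTE(review): presumably isUserInRole only answers for role and group principals; confirm.
    Assert.assertFalse("Alice not in Alice", m_auth.isUserInRole(session, alice));
    Assert.assertFalse("Alice not in IT", m_auth.isUserInRole(session, it));
    Assert.assertFalse("Alice not in Finance", m_auth.isUserInRole(session, finance));
    Assert.assertFalse("Alice not in Group1", m_auth.isUserInRole(session, group1));
    Assert.assertFalse("Alice not in Group2", m_auth.isUserInRole(session, group2));

    // Create container-authenticated session for Alice, passing the custom role IT.
    // Alice is authenticated, and thus part of custom roles and groups
    session = WikiSessionTest.containerAuthenticatedSession(m_engine, Users.ALICE, new Principal[] { it });
    Assert.assertFalse("Alice not anonymous", m_auth.isUserInRole(session, Role.ANONYMOUS));
    Assert.assertFalse("Alice not asserted", m_auth.isUserInRole(session, Role.ASSERTED));
    // This is an assertTrue, so the message states the positive expectation.
    Assert.assertTrue("Alice authenticated", m_auth.isUserInRole(session, Role.AUTHENTICATED));
    Assert.assertFalse("Alice not in Alice", m_auth.isUserInRole(session, alice));
    Assert.assertTrue("Alice in IT", m_auth.isUserInRole(session, it));
    Assert.assertFalse("Alice not in Finance", m_auth.isUserInRole(session, finance));
    Assert.assertTrue("Alice in Group1", m_auth.isUserInRole(session, group1));
    Assert.assertFalse("Alice not in Group2", m_auth.isUserInRole(session, group2));

    // Clean up
    m_groupMgr.removeGroup("Group1");
    m_groupMgr.removeGroup("Group2");
}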
use of org.apache.wiki.WikiSession in project jspwiki by apache.
the class AuthorizationManagerTest method testAdminView2.
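/**
 * Verifies that the session returned by {@code WikiSessionTest.adminSession} holds
 * {@code AllPermission} for the application and can view a page whose ACL names only
 * the principal "FooBar".
 *
 * @throws Exception if the page cannot be saved or the session cannot be created
 */
@Test
public void testAdminView2() throws Exception {
    // The ACL grants view to "FooBar" only; the admin session is not named in it.
    // NOTE(review): "TestDefaultPage" is not deleted here; presumably fixture teardown
    // removes it, otherwise its ACL persists into later tests. Confirm.
    m_engine.saveText("TestDefaultPage", "Foo [{ALLOW view FooBar}]");
    WikiSession session = WikiSessionTest.adminSession(m_engine);

    // Both checks are assertTrue, so the messages state the positive expectation
    // and name the admin session that is actually under test.
    Assert.assertTrue("Admin has AllPermission", m_auth.checkPermission(session, new AllPermission(m_engine.getApplicationName())));
    Assert.assertTrue("Admin can view TestDefaultPage", m_auth.checkPermission(session, new PagePermission("TestDefaultPage", "view")));
}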