Example 31 with Session
use of org.apache.wiki.api.core.Session in project jspwiki by apache.
the class SessionMonitor method createGuestSessionFor.
/**
* Creates a new session and stashes it
*
* @param sessionId id looked for before creating the guest session
* @return a new guest session
*/
private Session createGuestSessionFor(final String sessionId) {
log.debug("Session for session ID={}... not found. Creating guestSession()", sessionId);
final Session wikiSession = Wiki.session().guest(m_engine);
synchronized (m_sessions) {
m_sessions.put(sessionId, wikiSession);
}
return wikiSession;
}
Also used :
HttpSession(javax.servlet.http.HttpSession)
Session(org.apache.wiki.api.core.Session)
Example 32 with Session
use of org.apache.wiki.api.core.Session in project jspwiki by apache.
the class TestEngine method saveTextAsJanne.
public void saveTextAsJanne(final String pageName, final String content) throws WikiException {
// Build new request and associate our Janne session
final MockHttpServletRequest request = newHttpRequest();
final Session wikiSession = SessionMonitor.getInstance(this).find(request.getSession());
this.getManager(AuthenticationManager.class).login(wikiSession, request, Users.JANNE, Users.JANNE_PASS);
// Create page and wiki context
final Page page = Wiki.contents().page(this, pageName);
page.setAuthor(Users.JANNE);
final Context context = Wiki.context().create(this, request, page);
getManager(PageManager.class).saveText(context, content);
}
Also used :
AuthenticationManager(org.apache.wiki.auth.AuthenticationManager)
Context(org.apache.wiki.api.core.Context)
MockServletContext(net.sourceforge.stripes.mock.MockServletContext)
ServletContext(javax.servlet.ServletContext)
PageManager(org.apache.wiki.pages.PageManager)
MockHttpServletRequest(net.sourceforge.stripes.mock.MockHttpServletRequest)
Page(org.apache.wiki.api.core.Page)
MockHttpSession(net.sourceforge.stripes.mock.MockHttpSession)
Session(org.apache.wiki.api.core.Session)
Example 33 with Session
use of org.apache.wiki.api.core.Session in project jspwiki by apache.
the class GroupManagerTest method testGroupMembership.
@Test
public void testGroupMembership() throws Exception {
// Anonymous; should belong to NO groups
Session s = WikiSessionTest.anonymousSession(m_engine);
Assertions.assertFalse(m_groupMgr.isUserInRole(s, new GroupPrincipal("Test")));
Assertions.assertFalse(m_groupMgr.isUserInRole(s, new GroupPrincipal("Test2")));
Assertions.assertFalse(m_groupMgr.isUserInRole(s, new GroupPrincipal("Test3")));
Assertions.assertFalse(m_groupMgr.isUserInRole(s, new GroupPrincipal("NonExistant")));
// Alice is asserted; should belong to NO groups
s = WikiSessionTest.assertedSession(m_engine, Users.ALICE);
Assertions.assertFalse(m_groupMgr.isUserInRole(s, new GroupPrincipal("Test")));
Assertions.assertFalse(m_groupMgr.isUserInRole(s, new GroupPrincipal("Test2")));
Assertions.assertFalse(m_groupMgr.isUserInRole(s, new GroupPrincipal("Test3")));
Assertions.assertFalse(m_groupMgr.isUserInRole(s, new GroupPrincipal("NonExistant")));
// Alice is authenticated; should belong to Test
s = WikiSessionTest.authenticatedSession(m_engine, Users.ALICE, Users.ALICE_PASS);
Assertions.assertTrue(m_groupMgr.isUserInRole(s, new GroupPrincipal("Test")));
Assertions.assertFalse(m_groupMgr.isUserInRole(s, new GroupPrincipal("Test2")));
Assertions.assertFalse(m_groupMgr.isUserInRole(s, new GroupPrincipal("Test3")));
Assertions.assertFalse(m_groupMgr.isUserInRole(s, new GroupPrincipal("NonExistant")));
// Bob is authenticated; should belong to Test & Test2
s = WikiSessionTest.authenticatedSession(m_engine, Users.BOB, Users.BOB_PASS);
Assertions.assertTrue(m_groupMgr.isUserInRole(s, new GroupPrincipal("Test")));
Assertions.assertTrue(m_groupMgr.isUserInRole(s, new GroupPrincipal("Test2")));
Assertions.assertFalse(m_groupMgr.isUserInRole(s, new GroupPrincipal("Test3")));
Assertions.assertFalse(m_groupMgr.isUserInRole(s, new GroupPrincipal("NonExistant")));
// Charlie is authenticated; should belong to Test
s = WikiSessionTest.authenticatedSession(m_engine, Users.CHARLIE, Users.CHARLIE_PASS);
Assertions.assertTrue(m_groupMgr.isUserInRole(s, new GroupPrincipal("Test")));
Assertions.assertFalse(m_groupMgr.isUserInRole(s, new GroupPrincipal("Test2")));
Assertions.assertFalse(m_groupMgr.isUserInRole(s, new GroupPrincipal("Test3")));
Assertions.assertFalse(m_groupMgr.isUserInRole(s, new GroupPrincipal("NonExistant")));
// Fred is authenticated; should belong to Test3
s = WikiSessionTest.authenticatedSession(m_engine, Users.FRED, Users.FRED_PASS);
Assertions.assertFalse(m_groupMgr.isUserInRole(s, new GroupPrincipal("Test")));
Assertions.assertFalse(m_groupMgr.isUserInRole(s, new GroupPrincipal("Test2")));
Assertions.assertTrue(m_groupMgr.isUserInRole(s, new GroupPrincipal("Test3")));
Assertions.assertFalse(m_groupMgr.isUserInRole(s, new GroupPrincipal("NonExistant")));
// Nobody loves Biff!
s = WikiSessionTest.authenticatedSession(m_engine, Users.BIFF, Users.BIFF_PASS);
Assertions.assertFalse(m_groupMgr.isUserInRole(s, new GroupPrincipal("Test")));
Assertions.assertFalse(m_groupMgr.isUserInRole(s, new GroupPrincipal("Test2")));
Assertions.assertFalse(m_groupMgr.isUserInRole(s, new GroupPrincipal("Test3")));
Assertions.assertFalse(m_groupMgr.isUserInRole(s, new GroupPrincipal("NonExistant")));
}
Also used :
GroupPrincipal(org.apache.wiki.auth.GroupPrincipal)
Session(org.apache.wiki.api.core.Session)
WikiSessionTest(org.apache.wiki.WikiSessionTest)
Test(org.junit.jupiter.api.Test)
Example 34 with Session
use of org.apache.wiki.api.core.Session in project jspwiki by apache.
the class AuthorizationManagerTest method testGetRoles.
@Test
public void testGetRoles() throws Exception {
Principal[] principals;
// Create a new "asserted" session for Bob
Session session = WikiSessionTest.assertedSession(m_engine, Users.BOB);
// Set up a group without Bob in it
Group test = m_groupMgr.parseGroup("Test", "Alice \n Charlie", true);
m_groupMgr.setGroup(m_session, test);
// Bob should have two roles: ASSERTED and ALL
principals = session.getRoles();
Assertions.assertTrue(ArrayUtils.contains(principals, Role.ALL), "Bob in ALL");
Assertions.assertTrue(ArrayUtils.contains(principals, Role.ASSERTED), "Bob in ASSERTED");
Assertions.assertFalse(ArrayUtils.contains(principals, Role.ANONYMOUS), "Bob not in ANONYMOUS");
Assertions.assertFalse(ArrayUtils.contains(principals, test.getPrincipal()), "Bob not in Test");
// Re-save group "Test" with Bob as a member
test = m_groupMgr.parseGroup("Test", "Alice \n Bob \nCharlie", true);
m_groupMgr.setGroup(m_session, test);
// Bob not authenticated: should still have only two romes
principals = session.getRoles();
Assertions.assertTrue(ArrayUtils.contains(principals, Role.ALL), "Bob in ALL");
Assertions.assertTrue(ArrayUtils.contains(principals, Role.ASSERTED), "Bob in ASSERTED");
Assertions.assertFalse(ArrayUtils.contains(principals, Role.ANONYMOUS), "Bob not in ANONYMOUS");
Assertions.assertFalse(ArrayUtils.contains(principals, test.getPrincipal()), "Bob in Test");
// Elevate Bob to "authenticated" status
session = WikiSessionTest.authenticatedSession(m_engine, Users.BOB, Users.BOB_PASS);
// Re-save the group; Bob should possess the role now
test = m_groupMgr.parseGroup("Test", "Alice \n Bob \n Charlie", true);
m_groupMgr.setGroup(m_session, test);
principals = session.getRoles();
Assertions.assertTrue(ArrayUtils.contains(principals, Role.ALL), "Bob in ALL");
Assertions.assertFalse(ArrayUtils.contains(principals, Role.ASSERTED), "Bob in ASSERTED");
Assertions.assertFalse(ArrayUtils.contains(principals, Role.ANONYMOUS), "Bob not in ANONYMOUS");
Assertions.assertTrue(ArrayUtils.contains(principals, test.getPrincipal()), "Bob in Test");
// Cleanup
m_groupMgr.removeGroup("Test");
}
Also used :
Group(org.apache.wiki.auth.authorize.Group)
Principal(java.security.Principal)
UnresolvedPrincipal(org.apache.wiki.auth.acl.UnresolvedPrincipal)
Session(org.apache.wiki.api.core.Session)
WikiSessionTest(org.apache.wiki.WikiSessionTest)
Test(org.junit.jupiter.api.Test)
Example 35 with Session
use of org.apache.wiki.api.core.Session in project jspwiki by apache.
the class AuthorizationManagerTest method testIsUserInRole.
@Test
public void testIsUserInRole() throws Exception {
// Create new user Alice and 2 sample roles
final Principal alice = new WikiPrincipal(Users.ALICE);
final Role it = new Role("IT");
final Role finance = new Role("Finance");
// Create Group1 with Alice in it, Group2 without
Session session = WikiSessionTest.adminSession(m_engine);
final Group g1 = m_groupMgr.parseGroup("Group1", "Alice", true);
m_groupMgr.setGroup(session, g1);
final Principal group1 = g1.getPrincipal();
final Group g2 = m_groupMgr.parseGroup("Group2", "Bob", true);
m_groupMgr.setGroup(session, g2);
final Principal group2 = g2.getPrincipal();
// Create anonymous session; not in ANY custom roles or groups
session = WikiSessionTest.anonymousSession(m_engine);
Assertions.assertTrue(m_auth.isUserInRole(session, Role.ANONYMOUS), "Anon anonymous");
Assertions.assertFalse(m_auth.isUserInRole(session, Role.ASSERTED), "Anon not asserted");
Assertions.assertFalse(m_auth.isUserInRole(session, Role.AUTHENTICATED), "Anon not authenticated");
Assertions.assertFalse(m_auth.isUserInRole(session, alice), "Anon not in Ernie");
Assertions.assertFalse(m_auth.isUserInRole(session, it), "Anon not in IT");
Assertions.assertFalse(m_auth.isUserInRole(session, finance), "Anon not in Finance");
Assertions.assertFalse(m_auth.isUserInRole(session, group1), "Anon not in Group1");
Assertions.assertFalse(m_auth.isUserInRole(session, group2), "Anon not in Group2");
// Create asserted session with 1 GroupPrincipal & 1 custom Role
// Alice is asserted, and thus not in ANY custom roles or groups
session = WikiSessionTest.assertedSession(m_engine, Users.ALICE, new Principal[] { it });
Assertions.assertFalse(m_auth.isUserInRole(session, Role.ANONYMOUS), "Alice not anonymous");
Assertions.assertTrue(m_auth.isUserInRole(session, Role.ASSERTED), "Alice asserted");
Assertions.assertFalse(m_auth.isUserInRole(session, Role.AUTHENTICATED), "Alice not authenticated");
Assertions.assertFalse(m_auth.isUserInRole(session, alice), "Alice not in Alice");
Assertions.assertFalse(m_auth.isUserInRole(session, it), "Alice not in IT");
Assertions.assertFalse(m_auth.isUserInRole(session, finance), "Alice not in Finance");
Assertions.assertFalse(m_auth.isUserInRole(session, group1), "Alice not in Group1");
Assertions.assertFalse(m_auth.isUserInRole(session, group2), "Alice not in Group2");
// Create authenticated session with 1 GroupPrincipal & 1 custom Role
// Ernie is authenticated, and thus part of custom roles and groups
session = WikiSessionTest.containerAuthenticatedSession(m_engine, Users.ALICE, new Principal[] { it });
Assertions.assertFalse(m_auth.isUserInRole(session, Role.ANONYMOUS), "Alice not anonymous");
Assertions.assertFalse(m_auth.isUserInRole(session, Role.ASSERTED), "Alice not asserted");
Assertions.assertTrue(m_auth.isUserInRole(session, Role.AUTHENTICATED), "Alice not authenticated");
Assertions.assertFalse(m_auth.isUserInRole(session, alice), "Alice not in Alice");
Assertions.assertTrue(m_auth.isUserInRole(session, it), "Alice in IT");
Assertions.assertFalse(m_auth.isUserInRole(session, finance), "Alice not in Finance");
Assertions.assertTrue(m_auth.isUserInRole(session, group1), "Alice in Group1");
Assertions.assertFalse(m_auth.isUserInRole(session, group2), "Alice not in Group2");
// Clean up
m_groupMgr.removeGroup("Group1");
m_groupMgr.removeGroup("Group2");
}
Also used :
Role(org.apache.wiki.auth.authorize.Role)
Group(org.apache.wiki.auth.authorize.Group)
Principal(java.security.Principal)
UnresolvedPrincipal(org.apache.wiki.auth.acl.UnresolvedPrincipal)
Session(org.apache.wiki.api.core.Session)
WikiSessionTest(org.apache.wiki.WikiSessionTest)
Test(org.junit.jupiter.api.Test)
Aggregations
Session (org.apache.wiki.api.core.Session)51
Test (org.junit.jupiter.api.Test)25
WikiSessionTest (org.apache.wiki.WikiSessionTest)19
Principal (java.security.Principal)18
MockHttpServletRequest (net.sourceforge.stripes.mock.MockHttpServletRequest)11
AllPermission (org.apache.wiki.auth.permissions.AllPermission)9
PageManager (org.apache.wiki.pages.PageManager)9
HttpSession (javax.servlet.http.HttpSession)8
Group (org.apache.wiki.auth.authorize.Group)8
PagePermission (org.apache.wiki.auth.permissions.PagePermission)8
Permission (java.security.Permission)7
Page (org.apache.wiki.api.core.Page)7
AuthenticationManager (org.apache.wiki.auth.AuthenticationManager)7
WikiPermission (org.apache.wiki.auth.permissions.WikiPermission)7
UnresolvedPrincipal (org.apache.wiki.auth.acl.UnresolvedPrincipal)6
UserProfile (org.apache.wiki.auth.user.UserProfile)6
GroupPrincipal (org.apache.wiki.auth.GroupPrincipal)5
WikiPrincipal (org.apache.wiki.auth.WikiPrincipal)5
Role (org.apache.wiki.auth.authorize.Role)5
HttpServletRequest (javax.servlet.http.HttpServletRequest)4
