1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
|
/*
* Copyright (c) 2015 Brocade Communications Systems, Inc. and others. All rights reserved.
*
* This program and the accompanying materials are made available under the
* terms of the Eclipse Public License v1.0 which accompanies this distribution,
* and is available at http://www.eclipse.org/legal/epl-v10.html
*/
package org.opendaylight.aaa.shiro.authorization;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;
import com.google.common.collect.Sets;
import java.util.Collection;
import java.util.HashSet;
import org.junit.Test;
public class RBACRuleTest {
private static final String BASIC_RBAC_RULE_URL_PATTERN = "/*";
private static final Collection<String> BASIC_RBAC_RULE_ROLES = Sets.newHashSet("admin");
private RBACRule basicRBACRule = RBACRule.createAuthorizationRule(BASIC_RBAC_RULE_URL_PATTERN,
BASIC_RBAC_RULE_ROLES);
private static final String COMPLEX_RBAC_RULE_URL_PATTERN = "/auth/v1/";
private static final Collection<String> COMPLEX_RBAC_RULE_ROLES = Sets.newHashSet("admin",
"user");
private RBACRule complexRBACRule = RBACRule.createAuthorizationRule(
COMPLEX_RBAC_RULE_URL_PATTERN, COMPLEX_RBAC_RULE_ROLES);
@Test
public void testCreateAuthorizationRule() {
// positive test cases
assertNotNull(RBACRule.createAuthorizationRule(BASIC_RBAC_RULE_URL_PATTERN,
BASIC_RBAC_RULE_ROLES));
assertNotNull(RBACRule.createAuthorizationRule(COMPLEX_RBAC_RULE_URL_PATTERN,
COMPLEX_RBAC_RULE_ROLES));
// negative test cases
// both null
assertNull(RBACRule.createAuthorizationRule(null, null));
// url pattern is null
assertNull(RBACRule.createAuthorizationRule(null, BASIC_RBAC_RULE_ROLES));
// url pattern is empty string
assertNull(RBACRule.createAuthorizationRule("", BASIC_RBAC_RULE_ROLES));
// roles is null
assertNull(RBACRule.createAuthorizationRule(BASIC_RBAC_RULE_URL_PATTERN, null));
// roles is empty collection
assertNull(RBACRule.createAuthorizationRule(COMPLEX_RBAC_RULE_URL_PATTERN,
new HashSet<String>()));
}
@Test
public void testGetUrlPattern() {
assertEquals(BASIC_RBAC_RULE_URL_PATTERN, basicRBACRule.getUrlPattern());
assertEquals(COMPLEX_RBAC_RULE_URL_PATTERN, complexRBACRule.getUrlPattern());
}
@Test
public void testGetRoles() {
assertTrue(BASIC_RBAC_RULE_ROLES.containsAll(basicRBACRule.getRoles()));
basicRBACRule.getRoles().clear();
// test that getRoles() produces a new object
assertFalse(basicRBACRule.getRoles().isEmpty());
assertTrue(basicRBACRule.getRoles().containsAll(BASIC_RBAC_RULE_ROLES));
assertTrue(COMPLEX_RBAC_RULE_ROLES.containsAll(complexRBACRule.getRoles()));
complexRBACRule.getRoles().add("newRole");
// test that getRoles() produces a new object
assertFalse(complexRBACRule.getRoles().contains("newRole"));
assertTrue(complexRBACRule.getRoles().containsAll(COMPLEX_RBAC_RULE_ROLES));
}
@Test
public void testGetRolesInShiroFormat() {
final String BASIC_RBAC_RULE_EXPECTED_SHIRO_FORMAT = "roles[admin]";
assertEquals(BASIC_RBAC_RULE_EXPECTED_SHIRO_FORMAT, basicRBACRule.getRolesInShiroFormat());
// set ordering is not predictable, so both formats must be considered
final String COMPLEX_RBAC_RULE_EXPECTED_SHIRO_FORMAT_1 = "roles[admin, user]";
final String COMPLEX_RBAC_RULE_EXPECTED_SHIRO_FORMAT_2 = "roles[user, admin]";
assertTrue(COMPLEX_RBAC_RULE_EXPECTED_SHIRO_FORMAT_1.equals(complexRBACRule
.getRolesInShiroFormat())
|| COMPLEX_RBAC_RULE_EXPECTED_SHIRO_FORMAT_2.equals(complexRBACRule
.getRolesInShiroFormat()));
}
@Test
public void testToString() {
final String BASIC_RBAC_RULE_EXPECTED_SHIRO_FORMAT = "/*=roles[admin]";
assertEquals(BASIC_RBAC_RULE_EXPECTED_SHIRO_FORMAT, basicRBACRule.toString());
// set ordering is not predictable,s o both formats must be considered
final String COMPLEX_RBAC_RULE_EXPECTED_SHIRO_FORMAT_1 = "/auth/v1/=roles[admin, user]";
final String COMPLEX_RBAC_RULE_EXPECTED_SHIRO_FORMAT_2 = "/auth/v1/=roles[user, admin]";
assertTrue(COMPLEX_RBAC_RULE_EXPECTED_SHIRO_FORMAT_1.equals(complexRBACRule.toString())
|| COMPLEX_RBAC_RULE_EXPECTED_SHIRO_FORMAT_2.equals(complexRBACRule.toString()));
}
}
|
