1 |
|
|
2 |
|
|
3 |
|
|
4 |
|
|
5 |
|
|
6 |
|
|
7 |
|
|
8 |
|
|
9 |
|
|
10 |
|
|
11 |
|
|
12 |
|
|
13 |
|
|
14 |
|
|
15 |
|
|
16 |
|
|
17 |
|
|
18 |
|
|
19 |
|
|
20 |
|
package org.xwiki.security.authorization.internal; |
21 |
|
|
22 |
|
import org.junit.Assert; |
23 |
|
import org.junit.Before; |
24 |
|
import org.junit.Test; |
25 |
|
import org.xwiki.model.reference.DocumentReference; |
26 |
|
import org.xwiki.model.reference.EntityReference; |
27 |
|
import org.xwiki.security.authorization.AbstractWikiTestCase; |
28 |
|
import org.xwiki.security.authorization.AuthorizationManager; |
29 |
|
import org.xwiki.security.authorization.Right; |
30 |
|
import org.xwiki.security.authorization.testwikibuilding.LegacyTestWiki; |
31 |
|
|
32 |
|
import com.xpn.xwiki.XWikiContext; |
33 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (102) |
Complexity: 11 |
Complexity Density: 0.12 |
|
34 |
|
public class AuthorizationManagerTest extends AbstractWikiTestCase |
35 |
|
{ |
36 |
|
private AuthorizationManager authorizationManager; |
37 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (2) |
Complexity: 1 |
Complexity Density: 0.5 |
|
38 |
8 |
@Override... |
39 |
|
@Before |
40 |
|
public void setUp() throws Exception |
41 |
|
{ |
42 |
8 |
super.setUp(); |
43 |
|
|
44 |
8 |
this.authorizationManager = getComponentManager().getInstance(AuthorizationManager.class); |
45 |
|
} |
46 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (2) |
Complexity: 1 |
Complexity Density: 0.5 |
|
47 |
25 |
protected void assertAccessTrue(String message, Right right, DocumentReference userReference,... |
48 |
|
EntityReference entityReference, XWikiContext ctx) throws Exception |
49 |
|
{ |
50 |
25 |
setContext(ctx); |
51 |
|
|
52 |
25 |
Assert.assertTrue(message, this.authorizationManager.hasAccess(right, userReference, entityReference)); |
53 |
|
} |
54 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (2) |
Complexity: 1 |
Complexity Density: 0.5 |
|
55 |
24 |
protected void assertAccessFalse(String message, Right right, DocumentReference userReference,... |
56 |
|
EntityReference entityReference, XWikiContext ctx) throws Exception |
57 |
|
{ |
58 |
24 |
setContext(ctx); |
59 |
|
|
60 |
24 |
Assert.assertFalse(message, this.authorizationManager.hasAccess(right, userReference, entityReference)); |
61 |
|
} |
62 |
|
|
63 |
|
|
64 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (10) |
Complexity: 1 |
Complexity Density: 0.1 |
1PASS
|
|
65 |
1 |
@Test... |
66 |
|
public void testGlobalUserInEmptySubWiki() throws Exception |
67 |
|
{ |
68 |
1 |
LegacyTestWiki testWiki = new LegacyTestWiki(getMockery(), getComponentManager(), "emptySubWiki.xml", false); |
69 |
|
|
70 |
1 |
XWikiContext ctx = testWiki.getXWikiContext(); |
71 |
1 |
ctx.setWikiId("wiki2"); |
72 |
|
|
73 |
1 |
assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.VIEW, |
74 |
|
new DocumentReference("wiki", "XWiki", "user"), new DocumentReference("wiki2", "Space", "Page"), ctx); |
75 |
1 |
assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.EDIT, |
76 |
|
new DocumentReference("wiki", "XWiki", "user"), new DocumentReference("wiki2", "Space", "Page"), ctx); |
77 |
1 |
assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.COMMENT, |
78 |
|
new DocumentReference("wiki", "XWiki", "user"), new DocumentReference("wiki2", "Space", "Page"), ctx); |
79 |
1 |
assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.DELETE, |
80 |
|
new DocumentReference("wiki", "XWiki", "user"), new DocumentReference("wiki2", "Space", "Page"), ctx); |
81 |
1 |
assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.REGISTER, |
82 |
|
new DocumentReference("wiki", "XWiki", "user"), new DocumentReference("wiki2", "Space", "Page"), ctx); |
83 |
1 |
assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.ADMIN, |
84 |
|
new DocumentReference("wiki", "XWiki", "user"), new DocumentReference("wiki2", "Space", "Page"), ctx); |
85 |
1 |
assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.PROGRAM, |
86 |
|
new DocumentReference("wiki", "XWiki", "user"), new DocumentReference("wiki2", "Space", "Page"), ctx); |
87 |
|
} |
88 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (13) |
Complexity: 1 |
Complexity Density: 0.08 |
1PASS
|
|
89 |
1 |
@Test... |
90 |
|
public void testPublicAccess() throws Exception |
91 |
|
{ |
92 |
1 |
LegacyTestWiki testWiki = new LegacyTestWiki(getMockery(), getComponentManager(), "empty.xml", false); |
93 |
|
|
94 |
1 |
XWikiContext ctx = testWiki.getXWikiContext(); |
95 |
1 |
ctx.setWikiId("wiki"); |
96 |
|
|
97 |
1 |
DocumentReference user = null; |
98 |
1 |
EntityReference document = new DocumentReference("wiki", "Space", "Page"); |
99 |
|
|
100 |
1 |
assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.LOGIN, user, |
101 |
|
document, ctx); |
102 |
1 |
assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.VIEW, user, |
103 |
|
document, ctx); |
104 |
1 |
assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.EDIT, user, |
105 |
|
document, ctx); |
106 |
1 |
assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.DELETE, user, |
107 |
|
document, ctx); |
108 |
1 |
assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.REGISTER, user, |
109 |
|
document, ctx); |
110 |
1 |
assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.COMMENT, user, |
111 |
|
document, ctx); |
112 |
1 |
assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.PROGRAM, user, |
113 |
|
document, ctx); |
114 |
1 |
assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.ADMIN, user, |
115 |
|
document, ctx); |
116 |
|
} |
117 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (13) |
Complexity: 1 |
Complexity Density: 0.08 |
1PASS
|
|
118 |
1 |
@Test... |
119 |
|
public void testPublicAccessOnTopLevel() throws Exception |
120 |
|
{ |
121 |
1 |
LegacyTestWiki testWiki = new LegacyTestWiki(getMockery(), getComponentManager(), "empty.xml", false); |
122 |
|
|
123 |
1 |
XWikiContext ctx = testWiki.getXWikiContext(); |
124 |
1 |
ctx.setWikiId("wiki"); |
125 |
|
|
126 |
1 |
DocumentReference user = null; |
127 |
1 |
EntityReference document = null; |
128 |
|
|
129 |
1 |
assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.LOGIN, user, |
130 |
|
document, ctx); |
131 |
1 |
assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.VIEW, user, |
132 |
|
document, ctx); |
133 |
1 |
assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.EDIT, user, |
134 |
|
document, ctx); |
135 |
1 |
assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.DELETE, user, |
136 |
|
document, ctx); |
137 |
1 |
assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.REGISTER, user, |
138 |
|
document, ctx); |
139 |
1 |
assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.COMMENT, user, |
140 |
|
document, ctx); |
141 |
1 |
assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.PROGRAM, user, |
142 |
|
document, ctx); |
143 |
1 |
assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.ADMIN, user, |
144 |
|
document, ctx); |
145 |
|
} |
146 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (13) |
Complexity: 1 |
Complexity Density: 0.08 |
1PASS
|
|
147 |
1 |
@Test... |
148 |
|
public void testRightOnTopLevel() throws Exception |
149 |
|
{ |
150 |
1 |
LegacyTestWiki testWiki = new LegacyTestWiki(getMockery(), getComponentManager(), "empty.xml", false); |
151 |
|
|
152 |
1 |
XWikiContext ctx = testWiki.getXWikiContext(); |
153 |
1 |
ctx.setWikiId("wiki"); |
154 |
|
|
155 |
1 |
DocumentReference user = new DocumentReference("wiki", "XWiki", "user"); |
156 |
1 |
EntityReference document = null; |
157 |
|
|
158 |
1 |
assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.LOGIN, user, |
159 |
|
document, ctx); |
160 |
1 |
assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.VIEW, user, |
161 |
|
document, ctx); |
162 |
1 |
assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.EDIT, user, |
163 |
|
document, ctx); |
164 |
1 |
assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.DELETE, user, |
165 |
|
document, ctx); |
166 |
1 |
assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.REGISTER, user, |
167 |
|
document, ctx); |
168 |
1 |
assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.COMMENT, user, |
169 |
|
document, ctx); |
170 |
1 |
assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.PROGRAM, user, |
171 |
|
document, ctx); |
172 |
1 |
assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.ADMIN, user, |
173 |
|
document, ctx); |
174 |
|
} |
175 |
|
|
176 |
|
|
177 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (8) |
Complexity: 1 |
Complexity Density: 0.12 |
1PASS
|
|
178 |
1 |
@Test... |
179 |
|
public void testRightOnUserAndDelete() throws Exception |
180 |
|
{ |
181 |
1 |
LegacyTestWiki testWiki = new LegacyTestWiki(getMockery(), getComponentManager(), "usersAndGroups.xml", false); |
182 |
|
|
183 |
1 |
XWikiContext ctx = testWiki.getXWikiContext(); |
184 |
1 |
ctx.setWikiId("wiki"); |
185 |
|
|
186 |
1 |
assertAccessTrue("User should have view right", Right.VIEW, new DocumentReference("wiki", "XWiki", "user"), |
187 |
|
new DocumentReference("wiki", "Space", "Page"), ctx); |
188 |
1 |
assertAccessTrue("User should have view right", Right.VIEW, new DocumentReference("wiki", "XWiki", "user2"), |
189 |
|
new DocumentReference("wiki", "Space", "Page"), ctx); |
190 |
|
|
191 |
1 |
testWiki.deleteUser("user", "wiki"); |
192 |
|
|
193 |
1 |
assertAccessFalse("User should have view right", Right.VIEW, new DocumentReference("wiki", "XWiki", "user"), |
194 |
|
new DocumentReference("wiki", "Space", "Page"), ctx); |
195 |
1 |
assertAccessTrue("User should have view right", Right.VIEW, new DocumentReference("wiki", "XWiki", "user2"), |
196 |
|
new DocumentReference("wiki", "Space", "Page"), ctx); |
197 |
|
} |
198 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (7) |
Complexity: 1 |
Complexity Density: 0.14 |
1PASS
|
|
199 |
1 |
@Test... |
200 |
|
public void testEditAccessToGlobalRightObjectOnEmptyWiki() throws Exception |
201 |
|
{ |
202 |
1 |
LegacyTestWiki testWiki = new LegacyTestWiki(getMockery(), getComponentManager(), "empty.xml", false); |
203 |
|
|
204 |
1 |
XWikiContext ctx = testWiki.getXWikiContext(); |
205 |
1 |
ctx.setWikiId("wiki"); |
206 |
|
|
207 |
1 |
DocumentReference user = new DocumentReference("wiki", "XWiki", "user"); |
208 |
|
|
209 |
1 |
assertAccessFalse("Non-admin should not have edit access to XWikiPreferences in an empty wiki", |
210 |
|
Right.EDIT, user, new DocumentReference("wiki", "XWiki", "XWikiPreferences"), ctx); |
211 |
1 |
assertAccessFalse("Non-admin should not have edit access to XWiki.WebPreferences in an empty wiki", |
212 |
|
Right.EDIT, user, new DocumentReference("wiki", "XWiki", "WebPreferences"), ctx); |
213 |
1 |
assertAccessFalse("Non-admin should not have edit access to WebPreferences in any space of an empty wiki", |
214 |
|
Right.EDIT, user, new DocumentReference("wiki", "space", "WebPreferences"), ctx); |
215 |
|
} |
216 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (17) |
Complexity: 1 |
Complexity Density: 0.06 |
1PASS
|
|
217 |
1 |
@Test... |
218 |
|
public void testEditAccessToGlobalRightObject() throws Exception |
219 |
|
{ |
220 |
1 |
LegacyTestWiki testWiki = |
221 |
|
new LegacyTestWiki(getMockery(), getComponentManager(), "accessToGlobalObjects.xml", false); |
222 |
|
|
223 |
1 |
XWikiContext ctx = testWiki.getXWikiContext(); |
224 |
1 |
ctx.setWikiId("wiki"); |
225 |
|
|
226 |
1 |
DocumentReference userA = new DocumentReference("wiki", "XWiki", "userA"); |
227 |
1 |
DocumentReference userB = new DocumentReference("wiki", "XWiki", "userB"); |
228 |
1 |
DocumentReference userA2 = new DocumentReference("wiki2", "XWiki", "userA"); |
229 |
1 |
DocumentReference userB2 = new DocumentReference("wiki2", "XWiki", "userB"); |
230 |
|
|
231 |
1 |
assertAccessTrue("Admin should have edit access to XWikiPreferences when allowed by the wiki", |
232 |
|
Right.EDIT, userA, new DocumentReference("wiki", "XWiki", "XWikiPreferences"), ctx); |
233 |
1 |
assertAccessTrue("Admin should have edit access to XWikiPreferences when allowed by the XWiki space", |
234 |
|
Right.EDIT, userA2, new DocumentReference("wiki2", "XWiki", "XWikiPreferences"), ctx); |
235 |
1 |
assertAccessTrue("Global Admin should have edit access to XWikiPreferences", |
236 |
|
Right.EDIT, userA, new DocumentReference("wiki2", "XWiki", "XWikiPreferences"), ctx); |
237 |
1 |
assertAccessFalse("Non-admin should not have edit access to XWikiPreferences even when allowed by the document", |
238 |
|
Right.EDIT, userB, new DocumentReference("wiki", "XWiki", "XWikiPreferences"), ctx); |
239 |
1 |
assertAccessFalse("Non-admin should not have edit access to XWikiPreferences even when allowed by the space", |
240 |
|
Right.EDIT, userB, new DocumentReference("wiki2", "XWiki", "XWikiPreferences"), ctx); |
241 |
|
|
242 |
1 |
assertAccessTrue("Admin should have edit access to XWikiPreferences when allowed by the wiki", |
243 |
|
Right.EDIT, userA, new DocumentReference("wiki", "XWiki", "WebPreferences"), ctx); |
244 |
1 |
assertAccessTrue("Admin should have edit access to XWikiPreferences when allowed by the XWiki space", |
245 |
|
Right.EDIT, userA2, new DocumentReference("wiki2", "XWiki", "WebPreferences"), ctx); |
246 |
1 |
assertAccessTrue("Global Admin should have edit access to XWikiPreferences", |
247 |
|
Right.EDIT, userA, new DocumentReference("wiki2", "XWiki", "WebPreferences"), ctx); |
248 |
1 |
assertAccessFalse("Non-admin should not have edit access to XWikiPreferences even when allowed by the document", |
249 |
|
Right.EDIT, userB, new DocumentReference("wiki", "XWiki", "WebPreferences"), ctx); |
250 |
1 |
assertAccessFalse("Non-admin should not have edit access to XWikiPreferences even when allowed by the space", |
251 |
|
Right.EDIT, userB, new DocumentReference("wiki2", "XWiki", "WebPreferences"), ctx); |
252 |
|
} |
253 |
|
|
|
|
| 100% |
Uncovered Elements: 0 (4) |
Complexity: 1 |
Complexity Density: 0.25 |
1PASS
|
|
254 |
1 |
@Test... |
255 |
|
public void testMainWikiOwner() throws Exception |
256 |
|
{ |
257 |
1 |
LegacyTestWiki testWiki = new LegacyTestWiki(getMockery(), getComponentManager(), "empty.xml", false); |
258 |
|
|
259 |
1 |
XWikiContext ctx = testWiki.getXWikiContext(); |
260 |
1 |
ctx.setWikiId("wiki"); |
261 |
|
|
262 |
1 |
assertAccessTrue("Main wiki oner shoudl have Programming Right", Right.PROGRAM, |
263 |
|
new DocumentReference("wiki", "XWiki", "Admin"), null, ctx); |
264 |
|
} |
265 |
|
} |