1. Project Clover database Tue Dec 20 2016 21:24:09 CET
  2. Package org.xwiki.security.authorization.internal

File AuthorizationManagerTest.java

 

Code metrics

0
91
11
1
265
201
11
0.12
8.27
11
1

Classes

Class Line # Actions
AuthorizationManagerTest 34 91 0% 11 0
1.0100%
 

Contributing tests

This file is covered by 8 tests. .

Source view

1    /*
2    * See the NOTICE file distributed with this work for additional
3    * information regarding copyright ownership.
4    *
5    * This is free software; you can redistribute it and/or modify it
6    * under the terms of the GNU Lesser General Public License as
7    * published by the Free Software Foundation; either version 2.1 of
8    * the License, or (at your option) any later version.
9    *
10    * This software is distributed in the hope that it will be useful,
11    * but WITHOUT ANY WARRANTY; without even the implied warranty of
12    * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13    * Lesser General Public License for more details.
14    *
15    * You should have received a copy of the GNU Lesser General Public
16    * License along with this software; if not, write to the Free
17    * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
18    * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
19    */
20    package org.xwiki.security.authorization.internal;
21   
22    import org.junit.Assert;
23    import org.junit.Before;
24    import org.junit.Test;
25    import org.xwiki.model.reference.DocumentReference;
26    import org.xwiki.model.reference.EntityReference;
27    import org.xwiki.security.authorization.AbstractWikiTestCase;
28    import org.xwiki.security.authorization.AuthorizationManager;
29    import org.xwiki.security.authorization.Right;
30    import org.xwiki.security.authorization.testwikibuilding.LegacyTestWiki;
31   
32    import com.xpn.xwiki.XWikiContext;
33   
 
34    public class AuthorizationManagerTest extends AbstractWikiTestCase
35    {
36    private AuthorizationManager authorizationManager;
37   
 
38  8 toggle @Override
39    @Before
40    public void setUp() throws Exception
41    {
42  8 super.setUp();
43   
44  8 this.authorizationManager = getComponentManager().getInstance(AuthorizationManager.class);
45    }
46   
 
47  25 toggle protected void assertAccessTrue(String message, Right right, DocumentReference userReference,
48    EntityReference entityReference, XWikiContext ctx) throws Exception
49    {
50  25 setContext(ctx);
51   
52  25 Assert.assertTrue(message, this.authorizationManager.hasAccess(right, userReference, entityReference));
53    }
54   
 
55  24 toggle protected void assertAccessFalse(String message, Right right, DocumentReference userReference,
56    EntityReference entityReference, XWikiContext ctx) throws Exception
57    {
58  24 setContext(ctx);
59   
60  24 Assert.assertFalse(message, this.authorizationManager.hasAccess(right, userReference, entityReference));
61    }
62   
63    // Tests
64   
 
65  1 toggle @Test
66    public void testGlobalUserInEmptySubWiki() throws Exception
67    {
68  1 LegacyTestWiki testWiki = new LegacyTestWiki(getMockery(), getComponentManager(), "emptySubWiki.xml", false);
69   
70  1 XWikiContext ctx = testWiki.getXWikiContext();
71  1 ctx.setWikiId("wiki2");
72   
73  1 assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.VIEW,
74    new DocumentReference("wiki", "XWiki", "user"), new DocumentReference("wiki2", "Space", "Page"), ctx);
75  1 assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.EDIT,
76    new DocumentReference("wiki", "XWiki", "user"), new DocumentReference("wiki2", "Space", "Page"), ctx);
77  1 assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.COMMENT,
78    new DocumentReference("wiki", "XWiki", "user"), new DocumentReference("wiki2", "Space", "Page"), ctx);
79  1 assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.DELETE,
80    new DocumentReference("wiki", "XWiki", "user"), new DocumentReference("wiki2", "Space", "Page"), ctx);
81  1 assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.REGISTER,
82    new DocumentReference("wiki", "XWiki", "user"), new DocumentReference("wiki2", "Space", "Page"), ctx);
83  1 assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.ADMIN,
84    new DocumentReference("wiki", "XWiki", "user"), new DocumentReference("wiki2", "Space", "Page"), ctx);
85  1 assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.PROGRAM,
86    new DocumentReference("wiki", "XWiki", "user"), new DocumentReference("wiki2", "Space", "Page"), ctx);
87    }
88   
 
89  1 toggle @Test
90    public void testPublicAccess() throws Exception
91    {
92  1 LegacyTestWiki testWiki = new LegacyTestWiki(getMockery(), getComponentManager(), "empty.xml", false);
93   
94  1 XWikiContext ctx = testWiki.getXWikiContext();
95  1 ctx.setWikiId("wiki");
96   
97  1 DocumentReference user = null;
98  1 EntityReference document = new DocumentReference("wiki", "Space", "Page");
99   
100  1 assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.LOGIN, user,
101    document, ctx);
102  1 assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.VIEW, user,
103    document, ctx);
104  1 assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.EDIT, user,
105    document, ctx);
106  1 assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.DELETE, user,
107    document, ctx);
108  1 assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.REGISTER, user,
109    document, ctx);
110  1 assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.COMMENT, user,
111    document, ctx);
112  1 assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.PROGRAM, user,
113    document, ctx);
114  1 assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.ADMIN, user,
115    document, ctx);
116    }
117   
 
118  1 toggle @Test
119    public void testPublicAccessOnTopLevel() throws Exception
120    {
121  1 LegacyTestWiki testWiki = new LegacyTestWiki(getMockery(), getComponentManager(), "empty.xml", false);
122   
123  1 XWikiContext ctx = testWiki.getXWikiContext();
124  1 ctx.setWikiId("wiki");
125   
126  1 DocumentReference user = null;
127  1 EntityReference document = null;
128   
129  1 assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.LOGIN, user,
130    document, ctx);
131  1 assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.VIEW, user,
132    document, ctx);
133  1 assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.EDIT, user,
134    document, ctx);
135  1 assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.DELETE, user,
136    document, ctx);
137  1 assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.REGISTER, user,
138    document, ctx);
139  1 assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.COMMENT, user,
140    document, ctx);
141  1 assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.PROGRAM, user,
142    document, ctx);
143  1 assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.ADMIN, user,
144    document, ctx);
145    }
146   
 
147  1 toggle @Test
148    public void testRightOnTopLevel() throws Exception
149    {
150  1 LegacyTestWiki testWiki = new LegacyTestWiki(getMockery(), getComponentManager(), "empty.xml", false);
151   
152  1 XWikiContext ctx = testWiki.getXWikiContext();
153  1 ctx.setWikiId("wiki");
154   
155  1 DocumentReference user = new DocumentReference("wiki", "XWiki", "user");
156  1 EntityReference document = null;
157   
158  1 assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.LOGIN, user,
159    document, ctx);
160  1 assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.VIEW, user,
161    document, ctx);
162  1 assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.EDIT, user,
163    document, ctx);
164  1 assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.DELETE, user,
165    document, ctx);
166  1 assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.REGISTER, user,
167    document, ctx);
168  1 assertAccessTrue("User from global wiki should have the same rights on empty subwiki", Right.COMMENT, user,
169    document, ctx);
170  1 assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.PROGRAM, user,
171    document, ctx);
172  1 assertAccessFalse("User from global wiki should have the same rights on empty subwiki", Right.ADMIN, user,
173    document, ctx);
174    }
175   
176    // Cache tests
177   
 
178  1 toggle @Test
179    public void testRightOnUserAndDelete() throws Exception
180    {
181  1 LegacyTestWiki testWiki = new LegacyTestWiki(getMockery(), getComponentManager(), "usersAndGroups.xml", false);
182   
183  1 XWikiContext ctx = testWiki.getXWikiContext();
184  1 ctx.setWikiId("wiki");
185   
186  1 assertAccessTrue("User should have view right", Right.VIEW, new DocumentReference("wiki", "XWiki", "user"),
187    new DocumentReference("wiki", "Space", "Page"), ctx);
188  1 assertAccessTrue("User should have view right", Right.VIEW, new DocumentReference("wiki", "XWiki", "user2"),
189    new DocumentReference("wiki", "Space", "Page"), ctx);
190   
191  1 testWiki.deleteUser("user", "wiki");
192   
193  1 assertAccessFalse("User should have view right", Right.VIEW, new DocumentReference("wiki", "XWiki", "user"),
194    new DocumentReference("wiki", "Space", "Page"), ctx);
195  1 assertAccessTrue("User should have view right", Right.VIEW, new DocumentReference("wiki", "XWiki", "user2"),
196    new DocumentReference("wiki", "Space", "Page"), ctx);
197    }
198   
 
199  1 toggle @Test
200    public void testEditAccessToGlobalRightObjectOnEmptyWiki() throws Exception
201    {
202  1 LegacyTestWiki testWiki = new LegacyTestWiki(getMockery(), getComponentManager(), "empty.xml", false);
203   
204  1 XWikiContext ctx = testWiki.getXWikiContext();
205  1 ctx.setWikiId("wiki");
206   
207  1 DocumentReference user = new DocumentReference("wiki", "XWiki", "user");
208   
209  1 assertAccessFalse("Non-admin should not have edit access to XWikiPreferences in an empty wiki",
210    Right.EDIT, user, new DocumentReference("wiki", "XWiki", "XWikiPreferences"), ctx);
211  1 assertAccessFalse("Non-admin should not have edit access to XWiki.WebPreferences in an empty wiki",
212    Right.EDIT, user, new DocumentReference("wiki", "XWiki", "WebPreferences"), ctx);
213  1 assertAccessFalse("Non-admin should not have edit access to WebPreferences in any space of an empty wiki",
214    Right.EDIT, user, new DocumentReference("wiki", "space", "WebPreferences"), ctx);
215    }
216   
 
217  1 toggle @Test
218    public void testEditAccessToGlobalRightObject() throws Exception
219    {
220  1 LegacyTestWiki testWiki =
221    new LegacyTestWiki(getMockery(), getComponentManager(), "accessToGlobalObjects.xml", false);
222   
223  1 XWikiContext ctx = testWiki.getXWikiContext();
224  1 ctx.setWikiId("wiki");
225   
226  1 DocumentReference userA = new DocumentReference("wiki", "XWiki", "userA");
227  1 DocumentReference userB = new DocumentReference("wiki", "XWiki", "userB");
228  1 DocumentReference userA2 = new DocumentReference("wiki2", "XWiki", "userA");
229  1 DocumentReference userB2 = new DocumentReference("wiki2", "XWiki", "userB");
230   
231  1 assertAccessTrue("Admin should have edit access to XWikiPreferences when allowed by the wiki",
232    Right.EDIT, userA, new DocumentReference("wiki", "XWiki", "XWikiPreferences"), ctx);
233  1 assertAccessTrue("Admin should have edit access to XWikiPreferences when allowed by the XWiki space",
234    Right.EDIT, userA2, new DocumentReference("wiki2", "XWiki", "XWikiPreferences"), ctx);
235  1 assertAccessTrue("Global Admin should have edit access to XWikiPreferences",
236    Right.EDIT, userA, new DocumentReference("wiki2", "XWiki", "XWikiPreferences"), ctx);
237  1 assertAccessFalse("Non-admin should not have edit access to XWikiPreferences even when allowed by the document",
238    Right.EDIT, userB, new DocumentReference("wiki", "XWiki", "XWikiPreferences"), ctx);
239  1 assertAccessFalse("Non-admin should not have edit access to XWikiPreferences even when allowed by the space",
240    Right.EDIT, userB, new DocumentReference("wiki2", "XWiki", "XWikiPreferences"), ctx);
241   
242  1 assertAccessTrue("Admin should have edit access to XWikiPreferences when allowed by the wiki",
243    Right.EDIT, userA, new DocumentReference("wiki", "XWiki", "WebPreferences"), ctx);
244  1 assertAccessTrue("Admin should have edit access to XWikiPreferences when allowed by the XWiki space",
245    Right.EDIT, userA2, new DocumentReference("wiki2", "XWiki", "WebPreferences"), ctx);
246  1 assertAccessTrue("Global Admin should have edit access to XWikiPreferences",
247    Right.EDIT, userA, new DocumentReference("wiki2", "XWiki", "WebPreferences"), ctx);
248  1 assertAccessFalse("Non-admin should not have edit access to XWikiPreferences even when allowed by the document",
249    Right.EDIT, userB, new DocumentReference("wiki", "XWiki", "WebPreferences"), ctx);
250  1 assertAccessFalse("Non-admin should not have edit access to XWikiPreferences even when allowed by the space",
251    Right.EDIT, userB, new DocumentReference("wiki2", "XWiki", "WebPreferences"), ctx);
252    }
253   
 
254  1 toggle @Test
255    public void testMainWikiOwner() throws Exception
256    {
257  1 LegacyTestWiki testWiki = new LegacyTestWiki(getMockery(), getComponentManager(), "empty.xml", false);
258   
259  1 XWikiContext ctx = testWiki.getXWikiContext();
260  1 ctx.setWikiId("wiki");
261   
262  1 assertAccessTrue("Main wiki oner shoudl have Programming Right", Right.PROGRAM,
263    new DocumentReference("wiki", "XWiki", "Admin"), null, ctx);
264    }
265    }